Documentation ¶
Index ¶
- Constants
- func ListenIP() (net.IP, error)
- func Load(env string, configDir string, zone string, config interface{}) error
- type Archival
- type ArchivalNamespaceDefaults
- type Authorization
- type Cassandra
- type CassandraAddressTranslator
- type CassandraConsistencySettings
- type CassandraStoreConsistency
- type CertExpirationValidation
- type ClientTLS
- type Config
- type CustomDatastoreConfig
- type DCRedirectionPolicy
- type DataStore
- type FaultInjection
- type FilestoreArchiver
- type Global
- type GroupTLS
- type GstorageArchiver
- type HistoryArchival
- type HistoryArchivalNamespaceDefaults
- type HistoryArchiverProvider
- type JWTKeyProvider
- type Membership
- type NamespaceDefaults
- type PProf
- type Persistence
- type PublicClient
- type RPC
- type ReplicationTaskProcessorConfig
- type Replicator
- type RootTLS
- type S3Archiver
- type SQL
- type ServerTLS
- type Service
- type VisibilityArchival
- type VisibilityArchivalNamespaceDefaults
- type VisibilityArchiverProvider
- type WorkerTLS
Constants ¶
const ( // ArchivalEnabled is the state for enabling archival ArchivalEnabled = "enabled" // ArchivalDisabled is the state for disabling archival ArchivalDisabled = "disabled" // ArchivalPaused is the state for pausing archival ArchivalPaused = "paused" )
const ( // EnvKeyRoot the environment variable key for runtime root dir EnvKeyRoot = "TEMPORAL_ROOT" // EnvKeyConfigDir the environment variable key for config dir EnvKeyConfigDir = "TEMPORAL_CONFIG_DIR" // EnvKeyEnvironment is the environment variable key for environment EnvKeyEnvironment = "TEMPORAL_ENVIRONMENT" // EnvKeyAvailabilityZone is the environment variable key for AZ EnvKeyAvailabilityZone = "TEMPORAL_AVAILABILITY_ZONE" // EnvKeyAvailabilityZoneTypo is the old environment variable key for AZ that // included a typo. This is deprecated and only here to support backwards // compatibility. EnvKeyAvailabilityZoneTypo = "TEMPORAL_AVAILABILTY_ZONE" // EnvKeyAllowNoAuth is the environment variable key for setting no authorizer EnvKeyAllowNoAuth = "TEMPORAL_ALLOW_NO_AUTH" )
const ( // StoreTypeSQL refers to sql based storage as persistence store StoreTypeSQL = "sql" // StoreTypeNoSQL refers to nosql based storage as persistence store StoreTypeNoSQL = "nosql" )
Variables ¶
This section is empty.
Functions ¶
func ListenIP ¶
ListenIP returns the IP to bind to in Listen. It tries to find an IP that can be used by other machines to reach this machine.
func Load ¶
Load loads the configuration from a set of yaml config files found in the config directory
The loader first fetches the set of files matching a pre-determined naming convention, then sorts them by hierarchy order and after that, simply loads the files one after another with the key/values in the later files overriding the key/values in the earlier files
The hierarchy is as follows from lowest to highest
base.yaml env.yaml -- environment is one of the input params ex-development env_az.yaml -- zone is another input param
Types ¶
type Archival ¶
type Archival struct { // History is the config for the history archival History HistoryArchival `yaml:"history"` // Visibility is the config for visibility archival Visibility VisibilityArchival `yaml:"visibility"` }
Archival contains the config for archival
func (*Archival) Validate ¶
func (a *Archival) Validate(namespaceDefaults *ArchivalNamespaceDefaults) error
Validate validates the archival config
type ArchivalNamespaceDefaults ¶
type ArchivalNamespaceDefaults struct { // History is the namespace default history archival config for each namespace History HistoryArchivalNamespaceDefaults `yaml:"history"` // Visibility is the namespace default visibility archival config for each namespace Visibility VisibilityArchivalNamespaceDefaults `yaml:"visibility"` }
ArchivalNamespaceDefaults is the default archival config for each namespace
type Authorization ¶
type Authorization struct { // Signing key provider for validating JWT tokens JWTKeyProvider JWTKeyProvider `yaml:"jwtKeyProvider"` PermissionsClaimName string `yaml:"permissionsClaimName"` // Empty string for noopAuthorizer or "default" for defaultAuthorizer Authorizer string `yaml:"authorizer"` // Empty string for noopClaimMapper or "default" for defaultJWTClaimMapper ClaimMapper string `yaml:"claimMapper"` }
type Cassandra ¶
type Cassandra struct { // Hosts is a csv of cassandra endpoints Hosts string `yaml:"hosts" validate:"nonzero"` // Port is the cassandra port used for connection by gocql client Port int `yaml:"port"` // User is the cassandra user used for authentication by gocql client User string `yaml:"user"` // Password is the cassandra password used for authentication by gocql client Password string `yaml:"password"` // keyspace is the cassandra keyspace Keyspace string `yaml:"keyspace" validate:"nonzero"` // Datacenter is the data center filter arg for cassandra Datacenter string `yaml:"datacenter"` // MaxConns is the max number of connections to this datastore for a single keyspace MaxConns int `yaml:"maxConns"` // ConnectTimeout is a timeout for initial dial to cassandra server (default: 600 milliseconds) ConnectTimeout time.Duration `yaml:"connectTimeout"` // TLS configuration TLS *auth.TLS `yaml:"tls"` // Consistency configuration (defaults to LOCAL_QUORUM / LOCAL_SERIAL for all stores if this field not set) Consistency *CassandraStoreConsistency `yaml:"consistency"` // DisableInitialHostLookup instructs the gocql client to connect only using the supplied hosts DisableInitialHostLookup bool `yaml:"disableInitialHostLookup"` // AddressTranslator translates Cassandra IP addresses, used for cases when IP addresses gocql driver returns are not accessible from the server AddressTranslator *CassandraAddressTranslator `yaml:"addressTranslator"` }
Cassandra contains configuration to connect to Cassandra cluster
type CassandraAddressTranslator ¶ added in v1.17.3
type CassandraConsistencySettings ¶
type CassandraConsistencySettings struct { // Consistency sets the default consistency level. Values identical to gocql Consistency values. (defaults to LOCAL_QUORUM if not set). Consistency string `yaml:"consistency"` // SerialConsistency sets the consistency for the serial prtion of queries. Values identical to gocql SerialConsistency values. (defaults to LOCAL_SERIAL if not set) SerialConsistency string `yaml:"serialConsistency"` }
CassandraConsistencySettings sets the default consistency level for regular & serial queries to Cassandra.
type CassandraStoreConsistency ¶
type CassandraStoreConsistency struct { // Default defines the consistency level for ALL stores. // Defaults to LOCAL_QUORUM and LOCAL_SERIAL if not set Default *CassandraConsistencySettings `yaml:"default"` }
CassandraStoreConsistency enables you to set the consistency settings for each Cassandra Persistence Store for Temporal
func (*CassandraStoreConsistency) GetConsistency ¶
func (c *CassandraStoreConsistency) GetConsistency() gocql.Consistency
GetConsistency returns the gosql.Consistency setting from the configuration for the given store type
func (*CassandraStoreConsistency) GetSerialConsistency ¶
func (c *CassandraStoreConsistency) GetSerialConsistency() gocql.SerialConsistency
GetSerialConsistency returns the gosql.SerialConsistency setting from the configuration for the store
type CertExpirationValidation ¶
type CertExpirationValidation struct { // Log warnings for certificates expiring during this time window from now WarningWindow time.Duration `yaml:"warningWindow"` // Log error for certificates expiring during this time window from now ErrorWindow time.Duration `yaml:"errorWindow"` // Interval between checks for certificate expiration CheckInterval time.Duration `yaml:"checkInterval"` }
CertExpirationValidation contains settings for periodic checks of TLS certificate expiration
type ClientTLS ¶
type ClientTLS struct { // DNS name to validate against for server to server connections. // Required when TLS is enabled in a multi-host cluster. // This name should be referenced by the certificate specified in the ServerTLS section. ServerName string `yaml:"serverName"` // If you want to verify the temporal server hostname and server cert, then you should turn this on // This option is basically equivalent to InSecureSkipVerify // See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info DisableHostVerification bool `yaml:"disableHostVerification"` // Optional - A list of paths to files containing the PEM-encoded public key of the Certificate Authorities that are used to validate the server's TLS certificate // You cannot specify both RootCAFiles and RootCAData RootCAFiles []string `yaml:"rootCaFiles"` // Optional - A list of base64 PEM-encoded public keys of the Certificate Authorities that are used to validate the server's TLS certificate. // You cannot specify both RootCAFiles and RootCAData RootCAData []string `yaml:"rootCaData"` // Optional - Use TLS even is neither client certificate nor root CAs are configured // This is for non-mTLS cases when client validates serve against a set of trusted CA certificates configured in the environment ForceTLS bool `yaml:"forceTLS"` }
ClientTLS contains TLS configuration for clients within the Temporal Cluster to connect to Temporal nodes.
type Config ¶
type Config struct { // Global is process-wide service-related configuration Global Global `yaml:"global"` // Persistence contains the configuration for temporal datastores Persistence Persistence `yaml:"persistence"` // Log is the logging config Log log.Config `yaml:"log"` // ClusterMetadata is the config containing all valid clusters and active cluster ClusterMetadata *cluster.Config `yaml:"clusterMetadata"` // DCRedirectionPolicy contains the frontend datacenter redirection policy DCRedirectionPolicy DCRedirectionPolicy `yaml:"dcRedirectionPolicy"` // Services is a map of service name to service config items Services map[string]Service `yaml:"services"` // Archival is the config for archival Archival Archival `yaml:"archival"` // PublicClient is config for connecting to temporal frontend PublicClient PublicClient `yaml:"publicClient"` // DynamicConfigClient is the config for setting up the file based dynamic config client // Filepath should be relative to the root directory DynamicConfigClient *dynamicconfig.FileBasedClientConfig `yaml:"dynamicConfigClient"` // NamespaceDefaults is the default config for every namespace NamespaceDefaults NamespaceDefaults `yaml:"namespaceDefaults"` // ExporterConfig allows the specification of process-wide OTEL exporters ExporterConfig telemetry.ExportConfig `yaml:"otel"` }
Config contains the configuration for a set of temporal services
func LoadConfig ¶
Helper function for loading configuration
type CustomDatastoreConfig ¶
type CustomDatastoreConfig struct { // Name of the custom datastore Name string `yaml:"name"` // Options to be used by AbstractDatastoreFactory implementation Options map[string]any `yaml:"options"` }
CustomDatastoreConfig is the configuration for connecting to a custom datastore that is not supported by temporal core
type DCRedirectionPolicy ¶
DCRedirectionPolicy contains the frontend datacenter redirection policy
type DataStore ¶
type DataStore struct { // FaultInjection contains the config for fault injector wrapper. FaultInjection *FaultInjection `yaml:"faultInjection"` // Cassandra contains the config for a cassandra datastore Cassandra *Cassandra `yaml:"cassandra"` // SQL contains the config for a SQL based datastore SQL *SQL `yaml:"sql"` // Custom contains the config for custom datastore implementation CustomDataStoreConfig *CustomDatastoreConfig `yaml:"customDatastore"` // ElasticSearch contains the config for a ElasticSearch datastore Elasticsearch *client.Config `yaml:"elasticsearch"` }
DataStore is the configuration for a single datastore
type FaultInjection ¶ added in v1.12.0
type FaultInjection struct {
Rate float64 `yaml:"rate"`
}
type FilestoreArchiver ¶
FilestoreArchiver contain the config for filestore archiver
type Global ¶
type Global struct { // Membership is the ringpop related configuration Membership Membership `yaml:"membership"` // PProf is the PProf configuration PProf PProf `yaml:"pprof"` // TLS controls the communication encryption configuration TLS RootTLS `yaml:"tls"` // Metrics is the metrics subsystem configuration Metrics *metrics.Config `yaml:"metrics"` // Settings for authentication and authorization Authorization Authorization `yaml:"authorization"` }
Global contains config items that apply process-wide to all services
type GroupTLS ¶
type GroupTLS struct { // Client handles client TLS settings Client ClientTLS `yaml:"client"` // Server handles the server (listener) TLS settings Server ServerTLS `yaml:"server"` // PerHostOverrides contains per-hostname TLS settings that // are used for external clients connecting to the Temporal Cluster on that // specific hostname. Host names are case insensitive. Optional. If not present, // uses configuration supplied by Server field. PerHostOverrides map[string]ServerTLS `yaml:"hostOverrides"` }
GroupTLS contains an instance client and server TLS settings
func (*GroupTLS) IsClientEnabled ¶ added in v1.15.1
func (*GroupTLS) IsServerEnabled ¶ added in v1.15.1
type GstorageArchiver ¶
type GstorageArchiver struct {
CredentialsPath string `yaml:"credentialsPath"`
}
GstorageArchiver contain the config for google storage archiver
type HistoryArchival ¶
type HistoryArchival struct { // State is the state of history archival either: enabled, disabled, or paused State string `yaml:"state"` // EnableRead whether history can be read from archival EnableRead bool `yaml:"enableRead"` // Provider contains the config for all history archivers Provider *HistoryArchiverProvider `yaml:"provider"` }
HistoryArchival contains the config for history archival
type HistoryArchivalNamespaceDefaults ¶
type HistoryArchivalNamespaceDefaults struct { // State is the namespace default state of history archival: enabled or disabled State string `yaml:"state"` // URI is the namespace default URI for history archiver URI string `yaml:"URI"` }
HistoryArchivalNamespaceDefaults is the default history archival config for each namespace
type HistoryArchiverProvider ¶
type HistoryArchiverProvider struct { Filestore *FilestoreArchiver `yaml:"filestore"` Gstorage *GstorageArchiver `yaml:"gstorage"` S3store *S3Archiver `yaml:"s3store"` }
HistoryArchiverProvider contains the config for all history archivers
type JWTKeyProvider ¶
type JWTKeyProvider struct { KeySourceURIs []string `yaml:"keySourceURIs"` RefreshInterval time.Duration `yaml:"refreshInterval"` }
@@@SNIPSTART temporal-common-service-config-jwtkeyprovider Contains the config for signing key provider for validating JWT tokens
func (*JWTKeyProvider) HasSourceURIsConfigured ¶ added in v1.14.0
func (p *JWTKeyProvider) HasSourceURIsConfigured() bool
type Membership ¶
type Membership struct { // MaxJoinDuration is the max wait time to join the gossip ring MaxJoinDuration time.Duration `yaml:"maxJoinDuration"` // BroadcastAddress is used as the address that is communicated to remote nodes to connect on. // This is generally used when BindOnIP would be the same across several nodes (ie: 0.0.0.0) // and for nat traversal scenarios. Check net.ParseIP for supported syntax, only IPv4 is supported. BroadcastAddress string `yaml:"broadcastAddress"` }
Membership contains config items related to the membership layer of temporal
type NamespaceDefaults ¶
type NamespaceDefaults struct { // Archival is the default archival config for each namespace Archival ArchivalNamespaceDefaults `yaml:"archival"` }
NamespaceDefaults is the default config for each namespace
type PProf ¶
type PProf struct { // Port is the port on which the PProf will bind to Port int `yaml:"port"` }
PProf contains the config items for the pprof utility
type Persistence ¶
type Persistence struct { // DefaultStore is the name of the default data store to use DefaultStore string `yaml:"defaultStore" validate:"nonzero"` // VisibilityStore is the name of the datastore to be used for visibility records VisibilityStore string `yaml:"visibilityStore"` // AdvancedVisibilityStore is the name of the datastore to be used for visibility records AdvancedVisibilityStore string `yaml:"advancedVisibilityStore"` // NumHistoryShards is the desired number of history shards. This config doesn't // belong here, needs refactoring NumHistoryShards int32 `yaml:"numHistoryShards" validate:"nonzero"` // DataStores contains the configuration for all datastores DataStores map[string]DataStore `yaml:"datastores"` // TransactionSizeLimit is the largest allowed transaction size TransactionSizeLimit dynamicconfig.IntPropertyFn `yaml:"-" json:"-"` }
Persistence contains the configuration for data store / persistence layer
func (*Persistence) AdvancedVisibilityConfigExist ¶ added in v1.13.0
func (c *Persistence) AdvancedVisibilityConfigExist() bool
AdvancedVisibilityConfigExist returns whether user specified advancedVisibilityStore in config
func (*Persistence) DefaultStoreType ¶
func (c *Persistence) DefaultStoreType() string
DefaultStoreType returns the storeType for the default persistence store
func (*Persistence) StandardVisibilityConfigExist ¶ added in v1.13.0
func (c *Persistence) StandardVisibilityConfigExist() bool
StandardVisibilityConfigExist returns whether user specified visibilityStore in config
func (*Persistence) Validate ¶
func (c *Persistence) Validate() error
Validate validates the persistence config
type PublicClient ¶
type PublicClient struct { // HostPort is the host port to connect on. Host can be DNS name HostPort string `yaml:"hostPort"` }
PublicClient is config for internal nodes (history/matching/worker) connecting to temporal frontend. There are two methods of connecting: Explicit endpoint: Supply a host:port to connect to. This can resolve to multiple IPs, or a single IP that is a load-balancer. Membership resolver (new in 1.18): Leave this empty, and other nodes will use the membership service resolver to find the frontend. TODO: remove this and always use membership resolver
type RPC ¶
type RPC struct { // GRPCPort is the port on which gRPC will listen GRPCPort int `yaml:"grpcPort"` // Port used for membership listener MembershipPort int `yaml:"membershipPort"` // BindOnLocalHost is true if localhost is the bind address BindOnLocalHost bool `yaml:"bindOnLocalHost"` // BindOnIP can be used to bind service on specific ip (eg. `0.0.0.0`) - // check net.ParseIP for supported syntax, only IPv4 is supported, // mutually exclusive with `BindOnLocalHost` option BindOnIP string `yaml:"bindOnIP"` }
RPC contains the rpc config items
type ReplicationTaskProcessorConfig ¶
type ReplicationTaskProcessorConfig struct { NoTaskInitialWaitIntervalSecs int `yaml:"noTaskInitialWaitIntervalSecs"` NoTaskWaitBackoffCoefficient float64 `yaml:"noTaskWaitBackoffCoefficient"` NoTaskMaxWaitIntervalSecs int `yaml:"noTaskMaxWaitIntervalSecs"` }
ReplicationTaskProcessorConfig is the config for replication task processor.
type RootTLS ¶
type RootTLS struct { // Internode controls backend service communication TLS settings. Internode GroupTLS `yaml:"internode"` // Frontend controls SDK Client to Frontend communication TLS settings. Frontend GroupTLS `yaml:"frontend"` // SystemWorker controls TLS setting for System Workers connecting to Frontend. SystemWorker WorkerTLS `yaml:"systemWorker"` // RemoteFrontendClients controls TLS setting for talking to remote cluster. RemoteClusters map[string]GroupTLS `yaml:"remoteClusters"` // ExpirationChecks defines settings for periodic checks for expiration of certificates ExpirationChecks CertExpirationValidation `yaml:"expirationChecks"` // Interval between refreshes of certificates loaded from files RefreshInterval time.Duration `yaml:"refreshInterval"` }
RootTLS contains all TLS settings for the Temporal server
type S3Archiver ¶
type S3Archiver struct { Region string `yaml:"region"` Endpoint *string `yaml:"endpoint"` S3ForcePathStyle bool `yaml:"s3ForcePathStyle"` }
S3Archiver contains the config for S3 archiver
type SQL ¶
type SQL struct { // User is the username to be used for the conn User string `yaml:"user"` // Password is the password corresponding to the user name Password string `yaml:"password"` // PluginName is the name of SQL plugin PluginName string `yaml:"pluginName" validate:"nonzero"` // DatabaseName is the name of SQL database to connect to DatabaseName string `yaml:"databaseName" validate:"nonzero"` // ConnectAddr is the remote addr of the database ConnectAddr string `yaml:"connectAddr" validate:"nonzero"` // ConnectProtocol is the protocol that goes with the ConnectAddr ex - tcp, unix ConnectProtocol string `yaml:"connectProtocol" validate:"nonzero"` // ConnectAttributes is a set of key-value attributes to be sent as part of connect data_source_name url ConnectAttributes map[string]string `yaml:"connectAttributes"` // MaxConns the max number of connections to this datastore MaxConns int `yaml:"maxConns"` // MaxIdleConns is the max number of idle connections to this datastore MaxIdleConns int `yaml:"maxIdleConns"` // MaxConnLifetime is the maximum time a connection can be alive MaxConnLifetime time.Duration `yaml:"maxConnLifetime"` // EXPERIMENTAL - TaskScanPartitions is the number of partitions to sequentially scan during ListTaskQueue operations. // This is used for in a sharded sql database such as Vitess for heavy task workloads to minimize scatter gather. // The default value for this param is 1, and should not be configured without a thorough understanding of what this does. TaskScanPartitions int `yaml:"taskScanPartitions"` // TLS is the configuration for TLS connections TLS *auth.TLS `yaml:"tls"` }
SQL is the configuration for connecting to a SQL backed datastore
type ServerTLS ¶
type ServerTLS struct { // The path to the file containing the PEM-encoded public key of the certificate to use. CertFile string `yaml:"certFile"` // The path to the file containing the PEM-encoded private key of the certificate to use. KeyFile string `yaml:"keyFile"` // A list of paths to files containing the PEM-encoded public key of the Certificate Authorities you wish to trust for client authentication. // This value is ignored if `requireClientAuth` is not enabled. Cannot specify both ClientCAFiles and ClientCAData ClientCAFiles []string `yaml:"clientCaFiles"` // Base64 equivalents of the above artifacts. // You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData) CertData string `yaml:"certData"` KeyData string `yaml:"keyData"` ClientCAData []string `yaml:"clientCaData"` // Requires clients to authenticate with a certificate when connecting, otherwise known as mutual TLS. RequireClientAuth bool `yaml:"requireClientAuth"` }
ServerTLS contains items to load server TLS configuration
type Service ¶
type Service struct { // RPC is the rpc configuration RPC RPC `yaml:"rpc"` }
Service contains the service specific config items
type VisibilityArchival ¶
type VisibilityArchival struct { // State is the state of visibility archival either: enabled, disabled, or paused State string `yaml:"state"` // EnableRead whether visibility can be read from archival EnableRead bool `yaml:"enableRead"` // Provider contains the config for all visibility archivers Provider *VisibilityArchiverProvider `yaml:"provider"` }
VisibilityArchival contains the config for visibility archival
type VisibilityArchivalNamespaceDefaults ¶
type VisibilityArchivalNamespaceDefaults struct { // State is the namespace default state of visibility archival: enabled or disabled State string `yaml:"state"` // URI is the namespace default URI for visibility archiver URI string `yaml:"URI"` }
VisibilityArchivalNamespaceDefaults is the default visibility archival config for each namespace
type VisibilityArchiverProvider ¶
type VisibilityArchiverProvider struct { Filestore *FilestoreArchiver `yaml:"filestore"` S3store *S3Archiver `yaml:"s3store"` Gstorage *GstorageArchiver `yaml:"gstorage"` }
VisibilityArchiverProvider contains the config for all visibility archivers
type WorkerTLS ¶
type WorkerTLS struct { // The path to the file containing the PEM-encoded public key of the client certificate to use by system workers. CertFile string `yaml:"certFile"` // The path to the file containing the PEM-encoded private key of the client certificate to use by system workers. KeyFile string `yaml:"keyFile"` // Base64 equivalents of the above artifacts. // You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData) CertData string `yaml:"certData"` KeyData string `yaml:"keyData"` // Client TLS settings for system workers Client ClientTLS `yaml:"client"` }
WorkerTLS contains TLS configuration for system workers within the Temporal Cluster to connect to Temporal frontend.