Documentation ¶
Index ¶
- Constants
- Variables
- func ListenIP() (net.IP, error)
- func Load(env string, configDir string, zone string, config interface{}) error
- type Archival
- type ArchivalNamespaceDefaults
- type Authorization
- type Cassandra
- type CassandraAddressTranslator
- type CassandraConsistencySettings
- type CassandraStoreConsistency
- type CertExpirationValidation
- type ClientTLS
- type Config
- type CustomDatastoreConfig
- type DCRedirectionPolicy
- type DataStore
- type DataStoreName
- type FaultInjection
- type FaultInjectionDataStoreConfig
- type FaultInjectionMethodConfig
- type FaultInjectionTargets
- type FilestoreArchiver
- type Global
- type GroupTLS
- type GstorageArchiver
- type HistoryArchival
- type HistoryArchivalNamespaceDefaults
- type HistoryArchiverProvider
- type JWTKeyProvider
- type Membership
- type NamespaceDefaults
- type PProf
- type Persistence
- func (c *Persistence) AdvancedVisibilityConfigExist() bool
- func (c *Persistence) DefaultStoreType() string
- func (c *Persistence) GetSecondaryVisibilityStoreConfig() DataStore
- func (c *Persistence) GetVisibilityStoreConfig() DataStore
- func (c *Persistence) IsSQLVisibilityStore() bool
- func (c *Persistence) SecondaryVisibilityConfigExist() bool
- func (c *Persistence) StandardVisibilityConfigExist() bool
- func (c *Persistence) Validate() error
- type PublicClient
- type RPC
- type ReplicationTaskProcessorConfig
- type Replicator
- type RootTLS
- type S3Archiver
- type SQL
- type ServerTLS
- type Service
- type ServicePortMap
- type VisibilityArchival
- type VisibilityArchivalNamespaceDefaults
- type VisibilityArchiverProvider
- type WorkerTLS
Constants ¶
const ( // ArchivalEnabled is the state for enabling archival ArchivalEnabled = "enabled" // ArchivalDisabled is the state for disabling archival ArchivalDisabled = "disabled" // ArchivalPaused is the state for pausing archival ArchivalPaused = "paused" )
const ( ForceTLSConfigAuto = "" ForceTLSConfigInternode = "internode" ForceTLSConfigFrontend = "frontend" )
const ( // EnvKeyRoot the environment variable key for runtime root dir EnvKeyRoot = "TEMPORAL_ROOT" // EnvKeyConfigDir the environment variable key for config dir EnvKeyConfigDir = "TEMPORAL_CONFIG_DIR" // EnvKeyEnvironment is the environment variable key for environment EnvKeyEnvironment = "TEMPORAL_ENVIRONMENT" // EnvKeyAvailabilityZone is the environment variable key for AZ EnvKeyAvailabilityZone = "TEMPORAL_AVAILABILITY_ZONE" // EnvKeyAvailabilityZoneTypo is the old environment variable key for AZ that // included a typo. This is deprecated and only here to support backwards // compatibility. EnvKeyAvailabilityZoneTypo = "TEMPORAL_AVAILABILTY_ZONE" // EnvKeyAllowNoAuth is the environment variable key for setting no authorizer EnvKeyAllowNoAuth = "TEMPORAL_ALLOW_NO_AUTH" )
const ( // StoreTypeSQL refers to sql based storage as persistence store StoreTypeSQL = "sql" // StoreTypeNoSQL refers to nosql based storage as persistence store StoreTypeNoSQL = "nosql" )
Variables ¶
var Module = fx.Provide(
provideRPCConfig,
provideMembershipConfig,
provideServicePortMap,
)
Functions ¶
func ListenIP ¶
ListenIP returns the IP to bind to in Listen. It tries to find an IP that can be used by other machines to reach this machine.
func Load ¶
Load loads the configuration from a set of yaml config files found in the config directory
The loader first fetches the set of files matching a pre-determined naming convention, then sorts them by hierarchy order and after that, simply loads the files one after another with the key/values in the later files overriding the key/values in the earlier files
The hierarchy is as follows from lowest to highest
base.yaml env.yaml -- environment is one of the input params ex-development env_az.yaml -- zone is another input param
Types ¶
type Archival ¶
type Archival struct { // History is the config for the history archival History HistoryArchival `yaml:"history"` // Visibility is the config for visibility archival Visibility VisibilityArchival `yaml:"visibility"` }
Archival contains the config for archival
func (*Archival) Validate ¶
func (a *Archival) Validate(namespaceDefaults *ArchivalNamespaceDefaults) error
Validate validates the archival config
type ArchivalNamespaceDefaults ¶
type ArchivalNamespaceDefaults struct { // History is the namespace default history archival config for each namespace History HistoryArchivalNamespaceDefaults `yaml:"history"` // Visibility is the namespace default visibility archival config for each namespace Visibility VisibilityArchivalNamespaceDefaults `yaml:"visibility"` }
ArchivalNamespaceDefaults is the default archival config for each namespace
type Authorization ¶
type Authorization struct { // Signing key provider for validating JWT tokens JWTKeyProvider JWTKeyProvider `yaml:"jwtKeyProvider"` PermissionsClaimName string `yaml:"permissionsClaimName"` // Empty string for noopAuthorizer or "default" for defaultAuthorizer Authorizer string `yaml:"authorizer"` // Empty string for noopClaimMapper or "default" for defaultJWTClaimMapper ClaimMapper string `yaml:"claimMapper"` }
type Cassandra ¶
type Cassandra struct { // Hosts is a csv of cassandra endpoints Hosts string `yaml:"hosts" validate:"nonzero"` // Port is the cassandra port used for connection by gocql client Port int `yaml:"port"` // User is the cassandra user used for authentication by gocql client User string `yaml:"user"` // Password is the cassandra password used for authentication by gocql client Password string `yaml:"password"` // keyspace is the cassandra keyspace Keyspace string `yaml:"keyspace" validate:"nonzero"` // Datacenter is the data center filter arg for cassandra Datacenter string `yaml:"datacenter"` // MaxConns is the max number of connections to this datastore for a single keyspace MaxConns int `yaml:"maxConns"` // ConnectTimeout is a timeout for initial dial to cassandra server (default: 600 milliseconds) ConnectTimeout time.Duration `yaml:"connectTimeout"` // TLS configuration TLS *auth.TLS `yaml:"tls"` // Consistency configuration (defaults to LOCAL_QUORUM / LOCAL_SERIAL for all stores if this field not set) Consistency *CassandraStoreConsistency `yaml:"consistency"` // DisableInitialHostLookup instructs the gocql client to connect only using the supplied hosts DisableInitialHostLookup bool `yaml:"disableInitialHostLookup"` // AddressTranslator translates Cassandra IP addresses, used for cases when IP addresses gocql driver returns are not accessible from the server AddressTranslator *CassandraAddressTranslator `yaml:"addressTranslator"` }
Cassandra contains configuration to connect to Cassandra cluster
type CassandraAddressTranslator ¶ added in v1.17.3
type CassandraConsistencySettings ¶
type CassandraConsistencySettings struct { // Consistency sets the default consistency level. Values identical to gocql Consistency values. (defaults to LOCAL_QUORUM if not set). Consistency string `yaml:"consistency"` // SerialConsistency sets the consistency for the serial prtion of queries. Values identical to gocql SerialConsistency values. (defaults to LOCAL_SERIAL if not set) SerialConsistency string `yaml:"serialConsistency"` }
CassandraConsistencySettings sets the default consistency level for regular & serial queries to Cassandra.
type CassandraStoreConsistency ¶
type CassandraStoreConsistency struct { // Default defines the consistency level for ALL stores. // Defaults to LOCAL_QUORUM and LOCAL_SERIAL if not set Default *CassandraConsistencySettings `yaml:"default"` }
CassandraStoreConsistency enables you to set the consistency settings for each Cassandra Persistence Store for Temporal
func (*CassandraStoreConsistency) GetConsistency ¶
func (c *CassandraStoreConsistency) GetConsistency() gocql.Consistency
GetConsistency returns the gosql.Consistency setting from the configuration for the given store type
func (*CassandraStoreConsistency) GetSerialConsistency ¶
func (c *CassandraStoreConsistency) GetSerialConsistency() gocql.SerialConsistency
GetSerialConsistency returns the gosql.SerialConsistency setting from the configuration for the store
type CertExpirationValidation ¶
type CertExpirationValidation struct { // Log warnings for certificates expiring during this time window from now WarningWindow time.Duration `yaml:"warningWindow"` // Log error for certificates expiring during this time window from now ErrorWindow time.Duration `yaml:"errorWindow"` // Interval between checks for certificate expiration CheckInterval time.Duration `yaml:"checkInterval"` }
CertExpirationValidation contains settings for periodic checks of TLS certificate expiration
type ClientTLS ¶
type ClientTLS struct { // DNS name to validate against for server to server connections. // Required when TLS is enabled in a multi-host cluster. // This name should be referenced by the certificate specified in the ServerTLS section. ServerName string `yaml:"serverName"` // If you want to verify the temporal server hostname and server cert, then you should turn this on // This option is basically equivalent to InSecureSkipVerify // See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info DisableHostVerification bool `yaml:"disableHostVerification"` // Optional - A list of paths to files containing the PEM-encoded public key of the Certificate Authorities that are used to validate the server's TLS certificate // You cannot specify both RootCAFiles and RootCAData RootCAFiles []string `yaml:"rootCaFiles"` // Optional - A list of base64 PEM-encoded public keys of the Certificate Authorities that are used to validate the server's TLS certificate. // You cannot specify both RootCAFiles and RootCAData RootCAData []string `yaml:"rootCaData"` // Optional - Use TLS even is neither client certificate nor root CAs are configured // This is for non-mTLS cases when client validates serve against a set of trusted CA certificates configured in the environment ForceTLS bool `yaml:"forceTLS"` }
ClientTLS contains TLS configuration for clients within the Temporal Cluster to connect to Temporal nodes.
type Config ¶
type Config struct { // Global is process-wide service-related configuration Global Global `yaml:"global"` // Persistence contains the configuration for temporal datastores Persistence Persistence `yaml:"persistence"` // Log is the logging config Log log.Config `yaml:"log"` // ClusterMetadata is the config containing all valid clusters and active cluster ClusterMetadata *cluster.Config `yaml:"clusterMetadata"` // DCRedirectionPolicy contains the frontend datacenter redirection policy DCRedirectionPolicy DCRedirectionPolicy `yaml:"dcRedirectionPolicy"` // Services is a map of service name to service config items Services map[string]Service `yaml:"services"` // Archival is the config for archival Archival Archival `yaml:"archival"` // PublicClient is config for connecting to temporal frontend PublicClient PublicClient `yaml:"publicClient"` // DynamicConfigClient is the config for setting up the file based dynamic config client // Filepath should be relative to the root directory DynamicConfigClient *dynamicconfig.FileBasedClientConfig `yaml:"dynamicConfigClient"` // NamespaceDefaults is the default config for every namespace NamespaceDefaults NamespaceDefaults `yaml:"namespaceDefaults"` // ExporterConfig allows the specification of process-wide OTEL exporters ExporterConfig telemetry.ExportConfig `yaml:"otel"` }
Config contains the configuration for a set of temporal services
func LoadConfig ¶
Helper function for loading configuration
type CustomDatastoreConfig ¶
type CustomDatastoreConfig struct { // Name of the custom datastore Name string `yaml:"name"` // Options to be used by AbstractDatastoreFactory implementation Options map[string]any `yaml:"options"` }
CustomDatastoreConfig is the configuration for connecting to a custom datastore that is not supported by temporal core
type DCRedirectionPolicy ¶
type DCRedirectionPolicy struct {
Policy string `yaml:"policy"`
}
DCRedirectionPolicy contains the frontend datacenter redirection policy
type DataStore ¶
type DataStore struct { // FaultInjection contains the config for fault injector wrapper. FaultInjection *FaultInjection `yaml:"faultInjection"` // Cassandra contains the config for a cassandra datastore Cassandra *Cassandra `yaml:"cassandra"` // SQL contains the config for a SQL based datastore SQL *SQL `yaml:"sql"` // Custom contains the config for custom datastore implementation CustomDataStoreConfig *CustomDatastoreConfig `yaml:"customDatastore"` // ElasticSearch contains the config for a ElasticSearch datastore Elasticsearch *client.Config `yaml:"elasticsearch"` }
DataStore is the configuration for a single datastore
func (*DataStore) GetIndexName ¶ added in v1.21.0
type DataStoreName ¶ added in v1.20.0
type DataStoreName string
DataStoreName is the name of a datastore, e.g. "ShardStore". The full list is defined later in this file.
const ( ShardStoreName DataStoreName = "ShardStore" TaskStoreName DataStoreName = "TaskStore" MetadataStoreName DataStoreName = "MetadataStore" ExecutionStoreName DataStoreName = "ExecutionStore" QueueName DataStoreName = "Queue" ClusterMDStoreName DataStoreName = "ClusterMDStore" )
type FaultInjection ¶ added in v1.12.0
type FaultInjection struct { // Rate is the probability that we will return an error from any call to any datastore. // The value should be between 0.0 and 1.0. // The fault injector will inject different errors depending on the data store and method. See the // implementation for details. // This field is ignored if Targets is non-empty. Rate float64 `yaml:"rate"` // Targets is a mapping of data store name to a targeted fault injection config for that data store. // If Targets is non-empty, then Rate is ignored. // Here is an example config for targeted fault injection. This config will inject errors into the // UpdateShard method of the ShardStore at a rate of 100%. No other methods will be affected. /* targets: dataStores: ShardStore: methods: UpdateShard: seed: 42 errors: ShardOwnershipLostError: 1.0 # all UpdateShard calls will fail with ShardOwnershipLostError */ // This will cause the UpdateShard method of the ShardStore to always return ShardOwnershipLostError. Targets FaultInjectionTargets `yaml:"targets"` }
type FaultInjectionDataStoreConfig ¶ added in v1.20.0
type FaultInjectionDataStoreConfig struct { // Methods is a map of data store method name to a fault injection config for that method. // We create an error generator that infers the method name from the call stack using reflection. // For example, if a test with targeted fault injection enabled calls ShardStore.UpdateShard, then // we fetch the error generator from this map using the key "UpdateShard". // The key is the name of the method to inject faults for. // The value is the config for that method. Methods map[string]FaultInjectionMethodConfig `yaml:"methods"` }
FaultInjectionDataStoreConfig is the fault injection config for a single datastore, e.g., the ShardStore.
type FaultInjectionMethodConfig ¶ added in v1.20.0
type FaultInjectionMethodConfig struct { // Errors is a map of error type to probability of returning that error. // For example: `ShardOwnershipLostError: 0.1` will cause the method to return a ShardOwnershipLostError 10% of // the time. // The other 90% of the time, the method will call the underlying datastore. // If there are multiple errors for a method, the probability of each error is independent of the others. // For example, if there are two errors with probabilities 0.1 and 0.2, then the first error will be returned // 10% of the time, the second error will be returned 20% of the time, // and the underlying method will be called 70% of the time. Errors map[string]float64 `yaml:"errors"` // Seed is the seed for the random number generator used to sample faults from the Errors map. You can use this // to make the fault injection deterministic. // If the test config does not set this to a non-zero number, the fault injector will set it to the current time // in nanoseconds. Seed int64 `yaml:"seed"` }
FaultInjectionMethodConfig is the fault injection config for a single method of a data store.
type FaultInjectionTargets ¶ added in v1.20.0
type FaultInjectionTargets struct { // DataStores is a map of datastore name to fault injection config. // Use this to configure fault injection for specific datastores. The key is the name of the datastore, // e.g. "ShardStore". See DataStoreName for the list of valid datastore names. DataStores map[DataStoreName]FaultInjectionDataStoreConfig `yaml:"dataStores"` }
FaultInjectionTargets is the set of targets for fault injection. A target is a method of a data store.
type FilestoreArchiver ¶
FilestoreArchiver contain the config for filestore archiver
type Global ¶
type Global struct { // Membership is the ringpop related configuration Membership Membership `yaml:"membership"` // PProf is the PProf configuration PProf PProf `yaml:"pprof"` // TLS controls the communication encryption configuration TLS RootTLS `yaml:"tls"` // Metrics is the metrics subsystem configuration Metrics *metrics.Config `yaml:"metrics"` // Settings for authentication and authorization Authorization Authorization `yaml:"authorization"` }
Global contains config items that apply process-wide to all services
type GroupTLS ¶
type GroupTLS struct { // Client handles client TLS settings Client ClientTLS `yaml:"client"` // Server handles the server (listener) TLS settings Server ServerTLS `yaml:"server"` // PerHostOverrides contains per-hostname TLS settings that // are used for external clients connecting to the Temporal Cluster on that // specific hostname. Host names are case insensitive. Optional. If not present, // uses configuration supplied by Server field. PerHostOverrides map[string]ServerTLS `yaml:"hostOverrides"` }
GroupTLS contains an instance client and server TLS settings
func (*GroupTLS) IsClientEnabled ¶ added in v1.15.1
func (*GroupTLS) IsServerEnabled ¶ added in v1.15.1
type GstorageArchiver ¶
type GstorageArchiver struct {
CredentialsPath string `yaml:"credentialsPath"`
}
GstorageArchiver contain the config for google storage archiver
type HistoryArchival ¶
type HistoryArchival struct { // State is the state of history archival either: enabled, disabled, or paused State string `yaml:"state"` // EnableRead whether history can be read from archival EnableRead bool `yaml:"enableRead"` // Provider contains the config for all history archivers Provider *HistoryArchiverProvider `yaml:"provider"` }
HistoryArchival contains the config for history archival
type HistoryArchivalNamespaceDefaults ¶
type HistoryArchivalNamespaceDefaults struct { // State is the namespace default state of history archival: enabled or disabled State string `yaml:"state"` // URI is the namespace default URI for history archiver URI string `yaml:"URI"` }
HistoryArchivalNamespaceDefaults is the default history archival config for each namespace
type HistoryArchiverProvider ¶
type HistoryArchiverProvider struct { Filestore *FilestoreArchiver `yaml:"filestore"` Gstorage *GstorageArchiver `yaml:"gstorage"` S3store *S3Archiver `yaml:"s3store"` }
HistoryArchiverProvider contains the config for all history archivers
type JWTKeyProvider ¶
type JWTKeyProvider struct { KeySourceURIs []string `yaml:"keySourceURIs"` RefreshInterval time.Duration `yaml:"refreshInterval"` }
@@@SNIPSTART temporal-common-service-config-jwtkeyprovider Contains the config for signing key provider for validating JWT tokens
func (*JWTKeyProvider) HasSourceURIsConfigured ¶ added in v1.14.0
func (p *JWTKeyProvider) HasSourceURIsConfigured() bool
type Membership ¶
type Membership struct { // MaxJoinDuration is the max wait time to join the gossip ring MaxJoinDuration time.Duration `yaml:"maxJoinDuration"` // BroadcastAddress is used as the address that is communicated to remote nodes to connect on. // This is generally used when BindOnIP would be the same across several nodes (ie: 0.0.0.0) // and for nat traversal scenarios. Check net.ParseIP for supported syntax, only IPv4 is supported. BroadcastAddress string `yaml:"broadcastAddress"` }
Membership contains config items related to the membership layer of temporal
type NamespaceDefaults ¶
type NamespaceDefaults struct { // Archival is the default archival config for each namespace Archival ArchivalNamespaceDefaults `yaml:"archival"` }
NamespaceDefaults is the default config for each namespace
type PProf ¶
type PProf struct { // Port is the port on which the PProf will bind to Port int `yaml:"port"` }
PProf contains the config items for the pprof utility
type Persistence ¶
type Persistence struct { // DefaultStore is the name of the default data store to use DefaultStore string `yaml:"defaultStore" validate:"nonzero"` // VisibilityStore is the name of the datastore to be used for visibility records VisibilityStore string `yaml:"visibilityStore"` // SecondaryVisibilityStore is the name of the secondary datastore to be used for visibility records SecondaryVisibilityStore string `yaml:"secondaryVisibilityStore"` // DEPRECATED: use VisibilityStore key instead of AdvancedVisibilityStore // AdvancedVisibilityStore is the name of the datastore to be used for visibility records AdvancedVisibilityStore string `yaml:"advancedVisibilityStore"` // NumHistoryShards is the desired number of history shards. This config doesn't // belong here, needs refactoring NumHistoryShards int32 `yaml:"numHistoryShards" validate:"nonzero"` // DataStores contains the configuration for all datastores DataStores map[string]DataStore `yaml:"datastores"` // TransactionSizeLimit is the largest allowed transaction size TransactionSizeLimit dynamicconfig.IntPropertyFn `yaml:"-" json:"-"` }
Persistence contains the configuration for data store / persistence layer
func (*Persistence) AdvancedVisibilityConfigExist ¶ added in v1.13.0
func (c *Persistence) AdvancedVisibilityConfigExist() bool
AdvancedVisibilityConfigExist returns whether user specified advancedVisibilityStore in config
func (*Persistence) DefaultStoreType ¶
func (c *Persistence) DefaultStoreType() string
DefaultStoreType returns the storeType for the default persistence store
func (*Persistence) GetSecondaryVisibilityStoreConfig ¶ added in v1.21.0
func (c *Persistence) GetSecondaryVisibilityStoreConfig() DataStore
func (*Persistence) GetVisibilityStoreConfig ¶ added in v1.21.0
func (c *Persistence) GetVisibilityStoreConfig() DataStore
func (*Persistence) IsSQLVisibilityStore ¶ added in v1.20.0
func (c *Persistence) IsSQLVisibilityStore() bool
func (*Persistence) SecondaryVisibilityConfigExist ¶ added in v1.21.0
func (c *Persistence) SecondaryVisibilityConfigExist() bool
SecondaryVisibilityConfigExist returns whether user specified secondaryVisibilityStore in config
func (*Persistence) StandardVisibilityConfigExist ¶ added in v1.13.0
func (c *Persistence) StandardVisibilityConfigExist() bool
StandardVisibilityConfigExist returns whether user specified visibilityStore in config
func (*Persistence) Validate ¶
func (c *Persistence) Validate() error
Validate validates the persistence config
type PublicClient ¶
type PublicClient struct { // HostPort is the host port to connect on. Host can be DNS name. See the above // comment: in many situations you can leave this empty. HostPort string `yaml:"hostPort"` // Force selection of either the "internode" or "frontend" TLS configs for these // connections (only those two strings are valid). ForceTLSConfig string `yaml:"forceTLSConfig"` }
PublicClient is the config for internal nodes (history/matching/worker) connecting to frontend. There are three methods of connecting:
- Use membership to locate "internal-frontend" and connect to them using the Internode TLS config (which can be "no TLS"). This is recommended for deployments that use an Authorizer and ClaimMapper. To use this, leave this section out of your config, and make sure there is an "internal-frontend" section in Services.
- Use membership to locate "frontend" and connect to them using the Frontend TLS config (which can be "no TLS"). This is recommended for deployments that don't use an Authorizer or ClaimMapper, or have implemented a custom ClaimMapper that correctly identifies the system worker using mTLS and assigns it an Admin-level claim. To use this, leave this section out of your config and make sure there is _no_ "internal-frontend" section in Services.
- Connect to an explicit endpoint using the SystemWorker (falling back to Frontend) TLS config (which can be "no TLS"). You can use this if you want to force frontend connections to go through an external load balancer. If you use this with a ClaimMapper+Authorizer, you need to ensure that your ClaimMapper assigns Admin claims to worker nodes, and your Authorizer correctly handles those claims.
type RPC ¶
type RPC struct { // GRPCPort is the port on which gRPC will listen GRPCPort int `yaml:"grpcPort"` // Port used for membership listener MembershipPort int `yaml:"membershipPort"` // BindOnLocalHost is true if localhost is the bind address BindOnLocalHost bool `yaml:"bindOnLocalHost"` // BindOnIP can be used to bind service on specific ip (eg. `0.0.0.0`) - // check net.ParseIP for supported syntax, only IPv4 is supported, // mutually exclusive with `BindOnLocalHost` option BindOnIP string `yaml:"bindOnIP"` }
RPC contains the rpc config items
type ReplicationTaskProcessorConfig ¶
type ReplicationTaskProcessorConfig struct { NoTaskInitialWaitIntervalSecs int `yaml:"noTaskInitialWaitIntervalSecs"` NoTaskWaitBackoffCoefficient float64 `yaml:"noTaskWaitBackoffCoefficient"` NoTaskMaxWaitIntervalSecs int `yaml:"noTaskMaxWaitIntervalSecs"` }
ReplicationTaskProcessorConfig is the config for replication task processor.
type RootTLS ¶
type RootTLS struct { // Internode controls backend service (history, matching, internal-frontend) // communication TLS settings. Internode GroupTLS `yaml:"internode"` // Frontend controls frontend server TLS settings. To control system worker -> frontend // TLS, use the SystemWorker field. (Frontend.Client is accepted for backwards // compatibility.) Frontend GroupTLS `yaml:"frontend"` // SystemWorker controls TLS setting for System Workers connecting to Frontend. SystemWorker WorkerTLS `yaml:"systemWorker"` // RemoteFrontendClients controls TLS setting for talking to remote cluster. RemoteClusters map[string]GroupTLS `yaml:"remoteClusters"` // ExpirationChecks defines settings for periodic checks for expiration of certificates ExpirationChecks CertExpirationValidation `yaml:"expirationChecks"` // Interval between refreshes of certificates loaded from files RefreshInterval time.Duration `yaml:"refreshInterval"` }
RootTLS contains all TLS settings for the Temporal server
type S3Archiver ¶
type S3Archiver struct { Region string `yaml:"region"` Endpoint *string `yaml:"endpoint"` S3ForcePathStyle bool `yaml:"s3ForcePathStyle"` }
S3Archiver contains the config for S3 archiver
type SQL ¶
type SQL struct { // User is the username to be used for the conn User string `yaml:"user"` // Password is the password corresponding to the user name Password string `yaml:"password"` // PluginName is the name of SQL plugin PluginName string `yaml:"pluginName" validate:"nonzero"` // DatabaseName is the name of SQL database to connect to DatabaseName string `yaml:"databaseName" validate:"nonzero"` // ConnectAddr is the remote addr of the database ConnectAddr string `yaml:"connectAddr" validate:"nonzero"` // ConnectProtocol is the protocol that goes with the ConnectAddr ex - tcp, unix ConnectProtocol string `yaml:"connectProtocol" validate:"nonzero"` // ConnectAttributes is a set of key-value attributes to be sent as part of connect data_source_name url ConnectAttributes map[string]string `yaml:"connectAttributes"` // MaxConns the max number of connections to this datastore MaxConns int `yaml:"maxConns"` // MaxIdleConns is the max number of idle connections to this datastore MaxIdleConns int `yaml:"maxIdleConns"` // MaxConnLifetime is the maximum time a connection can be alive MaxConnLifetime time.Duration `yaml:"maxConnLifetime"` // EXPERIMENTAL - TaskScanPartitions is the number of partitions to sequentially scan during ListTaskQueue operations. // This is used for in a sharded sql database such as Vitess for heavy task workloads to minimize scatter gather. // The default value for this param is 1, and should not be configured without a thorough understanding of what this does. TaskScanPartitions int `yaml:"taskScanPartitions"` // TLS is the configuration for TLS connections TLS *auth.TLS `yaml:"tls"` }
SQL is the configuration for connecting to a SQL backed datastore
type ServerTLS ¶
type ServerTLS struct { // The path to the file containing the PEM-encoded public key of the certificate to use. CertFile string `yaml:"certFile"` // The path to the file containing the PEM-encoded private key of the certificate to use. KeyFile string `yaml:"keyFile"` // A list of paths to files containing the PEM-encoded public key of the Certificate Authorities you wish to trust for client authentication. // This value is ignored if `requireClientAuth` is not enabled. Cannot specify both ClientCAFiles and ClientCAData ClientCAFiles []string `yaml:"clientCaFiles"` // Base64 equivalents of the above artifacts. // You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData) CertData string `yaml:"certData"` KeyData string `yaml:"keyData"` ClientCAData []string `yaml:"clientCaData"` // Requires clients to authenticate with a certificate when connecting, otherwise known as mutual TLS. RequireClientAuth bool `yaml:"requireClientAuth"` }
ServerTLS contains items to load server TLS configuration
type Service ¶
type Service struct { // RPC is the rpc configuration RPC RPC `yaml:"rpc"` }
Service contains the service specific config items
type ServicePortMap ¶ added in v1.21.0
type ServicePortMap map[primitives.ServiceName]int
ServicePortMap contains the gRPC ports for our services.
type VisibilityArchival ¶
type VisibilityArchival struct { // State is the state of visibility archival either: enabled, disabled, or paused State string `yaml:"state"` // EnableRead whether visibility can be read from archival EnableRead bool `yaml:"enableRead"` // Provider contains the config for all visibility archivers Provider *VisibilityArchiverProvider `yaml:"provider"` }
VisibilityArchival contains the config for visibility archival
type VisibilityArchivalNamespaceDefaults ¶
type VisibilityArchivalNamespaceDefaults struct { // State is the namespace default state of visibility archival: enabled or disabled State string `yaml:"state"` // URI is the namespace default URI for visibility archiver URI string `yaml:"URI"` }
VisibilityArchivalNamespaceDefaults is the default visibility archival config for each namespace
type VisibilityArchiverProvider ¶
type VisibilityArchiverProvider struct { Filestore *FilestoreArchiver `yaml:"filestore"` S3store *S3Archiver `yaml:"s3store"` Gstorage *GstorageArchiver `yaml:"gstorage"` }
VisibilityArchiverProvider contains the config for all visibility archivers
type WorkerTLS ¶
type WorkerTLS struct { // The path to the file containing the PEM-encoded public key of the client certificate to use by system workers. CertFile string `yaml:"certFile"` // The path to the file containing the PEM-encoded private key of the client certificate to use by system workers. KeyFile string `yaml:"keyFile"` // Base64 equivalents of the above artifacts. // You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData) CertData string `yaml:"certData"` KeyData string `yaml:"keyData"` // Client TLS settings for system workers Client ClientTLS `yaml:"client"` }
WorkerTLS contains TLS configuration for system workers within the Temporal Cluster to connect to Temporal frontend.