Configuring YAML Overrides
Here you can find a summary of the AtScale attributes that can be modified. Unless otherwise noted, all attributes are effective as of the AtScale 7.4.0 release.
Procedure
-
Open the
/opt/atscale/conf/atscale.yaml
with text editor. -
Edit entries as needed, save the file.
-
Run the
configurator.sh
script to apply the configuration change:/opt/atscale/current/bin/configurator.sh --apply
agent
agent is configuration notification. Effective as of the AtScale 2019.3.0 release.
agent:
logbundle_location: '{{ atscale_log_location }}/bundles'
port:
http: 10525
egress
egress is used for AtScale database leader service and database queries.
egress:
ports:
stats: 10517
resolvers:
enabled: false
timeout:
client: 130m
server: 130m
coordinator
coordinator is used for a service that determines the current engine leader for singleton operations.
coordinator:
base_path: /atscale
id: 1
ports:
client: 10513
connect: 1050
election: 10506
data_agent
data_agent is data segment listener. Effective as of the AtScale 2019.3.0 release.
data_agent:
memory: 2G
ports:
http: 10502
remoting: 10507
directory
directory is used for non-production authorization.
directory:
ports:
ldap: 10514
engine
engine is used for modeler requests, engine to engine communication, AtScale authorization services, and coordinator requests.
engine:
memory: 8G
ports:
http: 10502
remoting: 10507
health
health is used for checking the status of other services. Effective as of the AtScale 2019.3.0 release.
health:
ports:
http: 10526
hosts
hosts contains configuration attributes
about all of the machines, nodes and hosts in the AtScale cluster.
Includes hostname
, dnsname
, and services per host. Can also include
overrides (where coordinator.id
is the most commonly overridden
attribute).
hosts:
- dnsname: '### Fully qualified domain name for the host running atscale'
hostname: '### Hostname if different from the DNS entry. (ie: what hostname -f returns)'
services:
- atscale
- coordinator
service_registry.bind_addr
service_registry.bind_addr is used in cases when the host has more than one private IP address, to tell the AtScale Service Registry which IP address to use (or the service will fail to start).
hosts:
- dnsname: atscale-01.local.atscale.com
hostname: atscale-01.local.atscale.com
override:
service_registry:
bind_addr: 1.2.3.4
ingress
ingress is used for exposing HTTP and HTTPS routes to the agent and health services within the node. Effective as of the AtScale 2019.3.0 release.
ingress:
keepalive_timeout: 65
worker_connections: 1024
worker_processes: 1
installation_location: Path where atscale is installed
kerberos
kerberos contains attributes associated with the Kerberos Authentication Protocol. When using Keytab file (see Configuring Kerberos), this section contains the following entries:
kerberos:
enabled: false
keytab: "/opt/atscale/conf/atscale.keytab"
principal: "atscaler/host.domain@REALM"
When using Kerberos Credential Cache, this section contains the following entries:
kerberos:
enabled: true
cache:
enabled: true
file: "/home/atscaler/kerberos/krb5cc_atscaler"
principal: "atscaler/atscale-ha-node-lb.docker.infra.atscale.com@CORPTEST.INFRA.ATSCALE.COM"
loadbalancer_dns_name
loadbalancer_dns_name is used for setting
the DNS
entry used to get to AtScale.
loadbalancer_dns_name: '### DNS entry used to get to atscale'
modeler
modeler contains attributes related to the AtScale Design Center Web application service and authorization messages.
modeler:
ports:
authorization: 10503
http: 10500
service_account
service_account is used for setting the user running the service.
service_account: '### user running the service'
tls
tls contains attributes related to Transport Layer Security.
tls:
certificate: /opt/atscale/conf/server.cert
enabled: false
key: /opt/atscale/conf/server.key
auth_address
auth_address is used for restricting how
the atscale_super
user can connect to the PostgreSQL database.
Effective as of the AtScale 2021.3.1 release. Can have one of the
following values:
- `all`: the
atscale_super
user can connect remotely from any machine that can access AtScale node. This is the default value. - `samenet`: the
atscale_super
user can connect remotely from any machine in the same network as AtScale Node. - `samehost`: the
atscale_super
user cannot connect remotely. Only applicable for single node installation, should not be used for cluster installation.
database:
security:
super:
auth_address: all