Skip to main content
Version: I2024.2.x

Configuring YAML Overrides

Here you can find a summary of the AtScale attributes that can be modified. Unless otherwise noted, all attributes are effective as of the AtScale 7.4.0 release.

Procedure

  1. Open the /opt/atscale/conf/atscale.yaml with text editor.

  2. Edit entries as needed, save the file.

  3. Run the configurator.sh script to apply the configuration change:

    /opt/atscale/current/bin/configurator.sh --apply

agent

agent is configuration notification. Effective as of the AtScale 2019.3.0 release.

agent:
  logbundle_location: '{{ atscale_log_location }}/bundles'
  port:
    http: 10525

egress

egress is used for AtScale database leader service and database queries.

egress:
  ports:
    stats: 10517
  resolvers:
    enabled: false
  timeout:
    client: 130m
    server: 130m

coordinator

coordinator is used for a service that determines the current engine leader for singleton operations.

coordinator:
  base_path: /atscale
  id: 1
  ports:
    client: 10513
    connect: 1050
    election: 10506

data_agent

data_agent is data segment listener. Effective as of the AtScale 2019.3.0 release.

data_agent:
  memory: 2G
  ports:
    http: 10502
    remoting: 10507

directory

directory is used for non-production authorization.

directory:
  ports:
    ldap: 10514

engine

engine is used for modeler requests, engine to engine communication, AtScale authorization services, and coordinator requests.

engine:
  memory: 8G
  ports:
    http: 10502
    remoting: 10507

health

health is used for checking the status of other services. Effective as of the AtScale 2019.3.0 release.

health:
  ports:
    http: 10526

hosts

hosts contains configuration attributes about all of the machines, nodes and hosts in the AtScale cluster. Includes hostname, dnsname, and services per host. Can also include overrides (where coordinator.id is the most commonly overridden attribute).

hosts:
- dnsname: '### Fully qualified domain name for the host running atscale'
  hostname: '### Hostname if different from the DNS entry. (ie: what hostname -f returns)'
  services:
  - atscale
  - coordinator

service_registry.bind_addr

service_registry.bind_addr is used in cases when the host has more than one private IP address, to tell the AtScale Service Registry which IP address to use (or the service will fail to start).

hosts:
- dnsname: atscale-01.local.atscale.com
  hostname: atscale-01.local.atscale.com
  override:
      service_registry:
          bind_addr: 1.2.3.4

ingress

ingress is used for exposing HTTP and HTTPS routes to the agent and health services within the node. Effective as of the AtScale 2019.3.0 release.

ingress:
  keepalive_timeout: 65
  worker_connections: 1024
  worker_processes: 1
installation_location: Path where atscale is installed

kerberos

kerberos contains attributes associated with the Kerberos Authentication Protocol. When using Keytab file (see Configuring Kerberos), this section contains the following entries:

kerberos:
  enabled: false
  keytab: "/opt/atscale/conf/atscale.keytab"
  principal: "atscaler/host.domain@REALM"

When using Kerberos Credential Cache, this section contains the following entries:

kerberos:
  enabled: true
  cache:
    enabled: true
    file: "/home/atscaler/kerberos/krb5cc_atscaler"
  principal: "atscaler/atscale-ha-node-lb.docker.infra.atscale.com@CORPTEST.INFRA.ATSCALE.COM"

loadbalancer_dns_name

loadbalancer_dns_name is used for setting the DNS entry used to get to AtScale.

loadbalancer_dns_name: '### DNS entry used to get to atscale'

modeler

modeler contains attributes related to the AtScale Design Center Web application service and authorization messages.

modeler:
  ports:
    authorization: 10503
    http: 10500

service_account

service_account is used for setting the user running the service.

service_account: '### user running the service'

tls

tls contains attributes related to Transport Layer Security.

tls:
  certificate: /opt/atscale/conf/server.cert
  enabled: false
  key: /opt/atscale/conf/server.key

auth_address

auth_address is used for restricting how the atscale_super user can connect to the PostgreSQL database. Effective as of the AtScale 2021.3.1 release. Can have one of the following values:

  • `all`: the atscale_super user can connect remotely from any machine that can access AtScale node. This is the default value.
  • `samenet`: the atscale_super user can connect remotely from any machine in the same network as AtScale Node.
  • `samehost`: the atscale_super user cannot connect remotely. Only applicable for single node installation, should not be used for cluster installation.
database:
    security:
        super:
            auth_address: all