Configuration Reference¶
This document lists all options for the inmanta server and inmanta agent.
The options are listed per config section.
agent_rest_transport¶
-
host
¶ Type: str Default: localhost
IP address or hostname of the server
-
port
¶ Type: int Default: 8888
Server port
-
request-timeout
¶ Type: int Default: 120
The time before a request times out in seconds
-
ssl
¶ Type: bool Connect using SSL?
-
ssl-ca-cert-file
¶ Type: optional str CA cert file used to validate the server certificate against
-
token
¶ Type: optional str The bearer token to use to connect to the API
client_rest_transport¶
-
host
¶ Type: str Default: localhost
IP address or hostname of the server
-
port
¶ Type: int Default: 8888
Server port
-
request-timeout
¶ Type: int Default: 120
The time before a request times out in seconds
-
ssl
¶ Type: bool Connect using SSL?
-
ssl-ca-cert-file
¶ Type: optional str CA cert file used to validate the server certificate against
-
token
¶ Type: optional str The bearer token to use to connect to the API
cmdline_rest_transport¶
-
host
¶ Type: str Default: localhost
IP address or hostname of the server
-
port
¶ Type: int Default: 8888
Server port
-
request-timeout
¶ Type: int Default: 120
The time before a request times out in seconds
-
ssl
¶ Type: bool Connect using SSL?
-
ssl-ca-cert-file
¶ Type: optional str CA cert file used to validate the server certificate against
-
token
¶ Type: optional str The bearer token to use to connect to the API
compiler_rest_transport¶
-
host
¶ Type: str Default: localhost
IP address or hostname of the server
-
port
¶ Type: int Default: 8888
Server port
-
request-timeout
¶ Type: int Default: 120
The time before a request times out in seconds
-
ssl
¶ Type: bool Connect using SSL?
-
ssl-ca-cert-file
¶ Type: optional str CA cert file used to validate the server certificate against
-
token
¶ Type: optional str The bearer token to use to connect to the API
config¶
-
agent-deploy-interval
¶ Type: time The number of seconds between two (incremental) deployment runs of the agent.
-
agent-deploy-splay-time
¶ Type: time Default: 600
The splaytime added to the agent-deploy-interval. Set this to 0 to disable the splaytime. At startup the agent will choose a random number between 0 and agent-deploy-splay-time. It will wait this number of second before performing the first deployment run. Each subsequent repair deployment will start agent-deploy-interval seconds after the previous one.
-
agent-interval
¶ Type: time Default: 600
[DEPRECATED] The run interval of the agent. Every run-interval seconds, the agent will check the current state of its resources against to desired state model
-
agent-map
¶ Type: map By default the agent assumes that all agent names map to the host on which the process is executed. With the agent map it can be mapped to other hosts. This value consists of a list of key/value pairs. The key is the name of the agent and the format of the value is described in
std::AgentConfig
example: iaas_openstack=localhost,vm1=192.16.13.2
-
agent-names
¶ Type: str Default: $node-name
Names of the agents this instance should deploy configuration for
-
agent-reconnect-delay
¶ Type: int Default: 5
Time to wait after a failed heartbeat message. DO NOT SET TO 0
-
agent-repair-interval
¶ Type: time Default: 600
The number of seconds between two repair runs (full deploy) of the agent. Set this to 0 to disable the scheduled repair runs.
-
agent-repair-splay-time
¶ Type: time Default: 600
The splaytime added to the agent-repair-interval. Set this to 0 to disable the splaytime. At startup the agent will choose a random number between 0 and agent-repair-splay-time. It will wait this number of second before performing the first repair run. Each subsequent repair deployment will start agent-repair-interval seconds after the previous one.
-
agent-run-at-start
¶ Type: bool run the agent at startup, even if a splay time is set
-
agent-splay
¶ Type: time Default: 600
[DEPRECATED] The splaytime added to the runinterval. Set this to 0 to disable splaytime. At startup the agent will choose a random number between 0 and “agent_splay. It will wait this number of second before performing the first deploy. Each subsequent deploy will start agent-interval seconds after the previous one.
-
environment
¶ Type: optional uuid The environment this model is associated with
-
export
¶ Type: list The list of exporters to use
-
log-dir
¶ Type: str Default: /var/log/inmanta
The directory where the server stores log file. Currently this is only for the output of embedded agents.
-
node-name
¶ Type: str Default: $ socket.gethostname()
Force the hostname of this machine to a specific value
-
server-timeout
¶ Type: time Default: 125
Amount of time to wait for a response from the server before we try to reconnect, must be smaller than server.agent-hold
-
state-dir
¶ Type: str Default: /var/lib/inmanta
The directory where the server stores its state
dashboard¶
-
auth-url
¶ Type: str The auth url of the keycloak server to use.
-
client-id
¶ Type: str The client id configured in keycloak for this application.
-
enabled
¶ Type: bool Default: True
Determines whether the server should host the dashboard or not
-
lcm
¶ Type: bool Enable lifecycle manager in the dashboard
-
path
¶ Type: str Default: /usr/share/inmanta/dashboard
The path on the local file system where the dashboard can be found
-
realm
¶ Type: str Default: inmanta
The realm to use for keycloak authentication.
database¶
-
host
¶ Type: str Default: localhost
Hostname or IP of the mongo server
-
name
¶ Type: str Default: inmanta
The name of the database on the mongo server
-
port
¶ Type: int Default: 27017
The port of the mongo server
server¶
-
agent-hold
¶ Type: time Default: $ server.agent-timeout*3/4
Maximal time the server will hold an agent heartbeat call
-
agent-timeout
¶ Type: time Default: 30
Time before an agent is considered to be offline
-
auth
¶ Type: bool Enable authentication on the server API
-
auto-recompile-wait
¶ Type: time Default: 10
The number of seconds to wait before the server may attempt to do a new recompile. Recompiles are triggered after facts updates for example.
-
available-versions-to-keep
¶ Type: int Default: 10
On boot and at regular intervals the server will purge older versions. This is the number of most recent versions to keep available.
-
delete-currupt-files
¶ Type: bool Default: True
The server logs an error when it detects a file got corrupted. When set to true, the server will also delete the file, so on subsequent compiles the missing file will be recreated.
-
fact-expire
¶ Type: time Default: 3600
After how many seconds will discovered facts/parameters expire
-
fact-renew
¶ Type: time; < server.fact-expire Default: $ server.fact-expire/3
After how many seconds will discovered facts/parameters be renewed? This value needs to be lower than fact-expire
-
fact-resource-block
¶ Type: time Default: 60
Minimal time between subsequent requests for the same fact
-
purge-resource-action-logs-interval
¶ Type: time Default: 3600
The number of seconds between resource-action log purging
-
purge-versions-interval
¶ Type: time Default: 3600
The number of seconds between version purging, see
server.available-versions-to-keep
-
resource-action-log-prefix
¶ Type: optional str Default: resource-actions-
File prefix in log-dir, containing the resource-action logs. The after the prefix the environment uuid and .log is added
-
server-address
¶ Type: str Default: localhost
The public ip address of the server. This is required for example to inject the inmanta agent in virtual machines at boot time.
-
ssl-ca-cert-file
¶ Type: optional str The CA cert file required to validate the server ssl cert. This setting is used by the serverto correctly configure the compiler and agents that the server starts itself. If not set and SSL is enabled, the server cert should be verifiable with the CAs installed in the OS.
-
ssl-cert-file
¶ Type: optional str SSL certificate file for the server key. Leave blank to disable SSL
-
ssl-key-file
¶ Type: optional str Server private key to use for this server Leave blank to disable SSL
-
wait-after-param
¶ Type: time Default: 5
Time to wait before recompile after new paramters have been received
server_rest_transport¶
-
port
¶ Type: str Default: 8888
The port on which the server listens for connections
service_api_rest_transport¶
-
host
¶ Type: str Default: localhost
IP address or hostname of the server
-
port
¶ Type: int Default: 8889
Server port
-
request-timeout
¶ Type: int Default: 120
The time before a request times out in seconds
-
ssl
¶ Type: bool Connect using SSL?
-
ssl-ca-cert-file
¶ Type: optional str CA cert file used to validate the server certificate against
-
token
¶ Type: optional str The bearer token to use to connect to the API
unknown_handler¶
-
default
¶ Type: str Default: prune-agent
default method to handle unknown values