Configuration Reference

This document lists all options for the inmanta server and inmanta agent.

The options are listed per config section.

agent_rest_transport

host
Type

str

Default

localhost

IP address or hostname of the server

port
Type

int

Default

8888

Server port

request-timeout
Type

int

Default

120

The time before a request times out in seconds

ssl
Type

bool

Default

False

Connect using SSL?

ssl-ca-cert-file
Type

optional str

Default

None

CA cert file used to validate the server certificate against

token
Type

optional str

Default

None

The bearer token to use to connect to the API

client_rest_transport

host
Type

str

Default

localhost

IP address or hostname of the server

port
Type

int

Default

8888

Server port

request-timeout
Type

int

Default

120

The time before a request times out in seconds

ssl
Type

bool

Default

False

Connect using SSL?

ssl-ca-cert-file
Type

optional str

Default

None

CA cert file used to validate the server certificate against

token
Type

optional str

Default

None

The bearer token to use to connect to the API

cmdline_rest_transport

host
Type

str

Default

localhost

IP address or hostname of the server

port
Type

int

Default

8888

Server port

request-timeout
Type

int

Default

120

The time before a request times out in seconds

ssl
Type

bool

Default

False

Connect using SSL?

ssl-ca-cert-file
Type

optional str

Default

None

CA cert file used to validate the server certificate against

token
Type

optional str

Default

None

The bearer token to use to connect to the API

compiler

dataflow-graphic-enable
Type

bool

Default

False

Enables graphic visualization of the data flow in the model. Requires the datatrace_enable option. Requires graphviz.

datatrace-enable
Type

bool

Default

False

Enables the experimental datatrace application on top of the compiler. The application should help in identifying the cause of compilation errors during the development process.

compiler_rest_transport

host
Type

str

Default

localhost

IP address or hostname of the server

port
Type

int

Default

8888

Server port

request-timeout
Type

int

Default

120

The time before a request times out in seconds

ssl
Type

bool

Default

False

Connect using SSL?

ssl-ca-cert-file
Type

optional str

Default

None

CA cert file used to validate the server certificate against

token
Type

optional str

Default

None

The bearer token to use to connect to the API

config

agent-deploy-interval
Type

time

Default

0

The number of seconds between two (incremental) deployment runs of the agent. Set this to 0 to disable the scheduled deploy runs.

agent-deploy-splay-time
Type

time

Default

600

The splaytime added to the agent-deploy-interval. Set this to 0 to disable the splaytime. At startup the agent will choose a random number between 0 and agent-deploy-splay-time. It will wait this number of second before performing the first deployment run. Each subsequent repair deployment will start agent-deploy-interval seconds after the previous one.

agent-interval
Type

time

Default

600

[DEPRECATED] The run interval of the agent. Every run-interval seconds, the agent will check the current state of its resources against to desired state model

agent-map
Type

map

Default

None

By default the agent assumes that all agent names map to the host on which the process is executed. With the agent map it can be mapped to other hosts. This value consists of a list of key/value pairs. The key is the name of the agent and the format of the value is described in std::AgentConfig. When the configuration option config.use_autostart_agent_map is set to true, this option will be ignored. example: iaas_openstack=localhost,vm1=192.16.13.2

agent-names
Type

str

Default

$node-name

Names of the agents this instance should deploy configuration for. When the configuration option config.use_autostart_agent_map is set to true, this option will be ignored.

agent-reconnect-delay
Type

int

Default

5

Time to wait after a failed heartbeat message. DO NOT SET TO 0

agent-repair-interval
Type

time

Default

600

The number of seconds between two repair runs (full deploy) of the agent. Set this to 0 to disable the scheduled repair runs.

agent-repair-splay-time
Type

time

Default

600

The splaytime added to the agent-repair-interval. Set this to 0 to disable the splaytime. At startup the agent will choose a random number between 0 and agent-repair-splay-time. It will wait this number of second before performing the first repair run. Each subsequent repair deployment will start agent-repair-interval seconds after the previous one.

agent-splay
Type

time

Default

600

[DEPRECATED] The splaytime added to the runinterval. Set this to 0 to disable splaytime. At startup the agent will choose a random number between 0 and “agent_splay. It will wait this number of second before performing the first deploy. Each subsequent deploy will start agent-interval seconds after the previous one.

environment
Type

optional uuid

Default

None

The environment this model is associated with

export
Type

list

Default

The list of exporters to use. This option is ignored when the –export-plugin option is used.

feature-file
Type

optional str

Default

None

The loacation of the inmanta feature file.

log-dir
Type

str

Default

/var/log/inmanta

The directory where the resource action log is stored and the logs of auto-started agents.

node-name
Type

str

Default

socket.gethostname()

Force the hostname of this machine to a specific value

server-timeout
Type

time

Default

125

Amount of time to wait for a response from the server before we try to reconnect, must be larger than server.agent-hold

state-dir
Type

str

Default

/var/lib/inmanta

The directory where the server stores its state

use-autostart-agent-map
Type

bool

Default

False

If this option is set to true, the agent-map of this agent will be set the the autostart_agent_map configured on the server. The agent_map will be kept up-to-date automatically.

dashboard

auth-url
Type

str

Default

None

The auth url of the keycloak server to use.

client-id
Type

str

Default

None

The client id configured in keycloak for this application.

enabled
Type

bool

Default

True

Determines whether the server should host the dashboard or not

path
Type

str

Default

/usr/share/inmanta/dashboard

The path on the local file system where the dashboard can be found

realm
Type

str

Default

inmanta

The realm to use for keycloak authentication.

database

connection-pool-max-size
Type

int

Default

10

Max number of connections in the pool

connection-pool-min-size
Type

int

Default

10

Number of connections the pool will be initialized with

connection-timeout
Type

float

Default

60

Connection timeout in seconds

host
Type

str

Default

localhost

Hostname or IP of the postgresql server

name
Type

str

Default

inmanta

The name of the database on the postgresql server

password
Type

str

Default

None

The password that belong to the database user

port
Type

int

Default

5432

The port of the postgresql server

username
Type

str

Default

postgres

The username to access the database in the PostgreSQL server

deploy

environment
Type

optional str

Default

deploy

The environment name to use in the deploy

project
Type

optional str

Default

deploy

The project name to use in the deploy

influxdb

host
Type

str

Default

Hostname or IP of the influxdb server to send reports to

interval
Type

int

Default

30

Interval with which to report to influxdb

name
Type

str

Default

inmanta

The name of the database on the influxdb server

password
Type

str

Default

None

The password that belong to the influxdb user

port
Type

int

Default

8086

The port of the influxdb server

tags
Type

map

Default

a dict of tags to attach to all influxdb records in the form tag=value,tag=value

username
Type

str

Default

None

The username to access the database in the influxdb server

server

access-control-allow-origin
Type

optional str

Default

None

Configures the Access-Control-Allow-Origin setting of the http server.Defaults to not sending an Access-Control-Allow-Origin header.

agent-hold
Type

time

Default

server.agent-timeout *3/4

Maximal time the server will hold an agent heartbeat call

agent-timeout
Type

time

Default

30

Time before an agent is considered to be offline

auth
Type

bool

Default

False

Enable authentication on the server API

auto-recompile-wait
Type

time

Default

10

The number of seconds to wait before the server may attempt to do a new recompile. Recompiles are triggered after facts updates for example.

available-versions-to-keep
Type

int

Default

10

On boot and at regular intervals the server will purge older versions. This is the number of most recent versions to keep available.

bind-address
Type

list

Default

127.0.0.1

A list of addresses on which the server will listen for connections. If this option is set, the server_rest_transport.port option is ignored.

bind-port
Type

int

Default

8888

The port on which the server will listen for connections. If this option is set, the server_rest_transport.port option is ignored.

delete-currupt-files
Type

bool

Default

True

The server logs an error when it detects a file got corrupted. When set to true, the server will also delete the file, so on subsequent compiles the missing file will be recreated.

enabled-extensions
Type

list

Default

A list of extensions the server must load. Core is always loaded.If an extension listed in this list is not available, the server will refuse to start.

fact-expire
Type

time

Default

3600

After how many seconds will discovered facts/parameters expire

fact-renew
Type

time; < server.fact-expire

Default

server.fact-expire /3

After how many seconds will discovered facts/parameters be renewed? This value needs to be lower than fact-expire

fact-resource-block
Type

time

Default

60

Minimal time between subsequent requests for the same fact

purge-resource-action-logs-interval
Type

time

Default

3600

The number of seconds between resource-action log purging

purge-versions-interval
Type

time

Default

3600

The number of seconds between version purging, see server.available-versions-to-keep

resource-action-log-prefix
Type

str

Default

resource-actions-

File prefix in log-dir, containing the resource-action logs. The after the prefix the environment uuid and .log is added

server-address
Type

str

Default

localhost

The public ip address of the server. This is required for example to inject the inmanta agent in virtual machines at boot time.

ssl-ca-cert-file
Type

optional str

Default

None

The CA cert file required to validate the server ssl cert. This setting is used by the serverto correctly configure the compiler and agents that the server starts itself. If not set and SSL is enabled, the server cert should be verifiable with the CAs installed in the OS.

ssl-cert-file
Type

optional str

Default

None

SSL certificate file for the server key. Leave blank to disable SSL

ssl-key-file
Type

optional str

Default

None

Server private key to use for this server Leave blank to disable SSL

wait-after-param
Type

time

Default

5

Time to wait before recompile after new paramters have been received

server_rest_transport

port
Type

int

Default

8888

[DEPRECATED USE server.bind-port] The port on which the server listens for connections

unknown_handler

default
Type

str

Default

prune-agent

default method to handle unknown values