Configuration

The service allowed two variants of configuration:

  1. use the Configurator service

  2. use the configuration file

The service reads settings from the configuration file by default.

You can specify the –luna-config option for pulling settings from the Configurator service, see configurator.

Auto reload configuration

The service supports an auto-reload of configurations. You can enable this feature by specifying a config-reload option in the command line. The service periodically checks new settings. If current settings and new pulled settings are the same the service will not perform any actions. You can specify the check period in the pulling-time command line argument (10 seconds by default).

If a configuration fetching has failed, the service will work without applying any changes to the existing configurations.

If check connections with the new configuration have failed, the service will retry pulling new configuration after pulling-time seconds. The service will shut down after 10 failed attempts.

Warning

Service can work incorrectly while the new settings are being applied. It is strongly recommended not to send requests to the service when you change important settings (database credentials, work plugins list, and others).

Configuration file for luna lambda

# LUNA Lambda configuration file

[LUNA_CONFIGURATOR]
#: [integer] load configs from LUNA Configurator
USE_CONFIGURATOR = 0
#: [string] LUNA Configurator protocol, IP address, and port
LUNA_CONFIGURATOR_ORIGIN = http://127.0.0.1:5070
#: [integer] API version of the LUNA Configurator
LUNA_CONFIGURATOR_API  = 1


[LUNA_LAMBDA_DB]
#: [string] type of database: "postgres" or "oracle"; "postgres" type is used by default
DB_TYPE = postgres
#: [string] database username
DB_USER = luna
#: [string] database password
DB_PASSWORD = luna
#: [string] database IP address
DB_HOST = 127.0.0.1
#: [integer] database listener port, 5432 - default for "postgres" type, 1521 - default for "oracle" type
DB_PORT = 5432
#: [string] database name for "postgres" type, SID name for "oracle" type
DB_NAME = luna_lambda

[LUNA_LAMBDA_DB.DB_SETTINGS]
#: [integer] database connection pool size
CONNECTION_POOL_SIZE = 5


[LUNA_LAMBDA_LOGGER]
#: [string] folder, where logs are saved (relative path begins in directory with application)
FOLDER_WITH_LOGS = ./
#: [string] level of debug print, by priority: "ERROR", "WARNING", "INFO", "DEBUG"
LOG_LEVEL = INFO
#: [string] time format used in log records: "LOCAL" or "UTC"
LOG_TIME = LOCAL
#: [integer] maximum log file size in megabytes before performing rotation (0 - without rotation)
MAX_LOG_FILE_SIZE = 1024
#: send log to stdout
LOG_TO_STDOUT = 1
#: send log to file
LOG_TO_FILE = 0
#: allow multiline stack trace in logs
MULTILINE_STACK_TRACE = 1
#: log format
FORMAT = default


[LUNA_MONITORING]

#: [string] storage type
STORAGE_TYPE = influx
#: [integer] send data for monitoring to InfluxDB
SEND_DATA_FOR_MONITORING = 0
#: [string] InfluxDB 2.x workspace
ORGANIZATION = luna
#: [string] InfluxDB 2.x authentication token
TOKEN = kofqt4Pfqjn6o0RBtMDQqVoJLgHoxxDUmmhiAZ7JS6VmEnrqZXQhxDhad8AX9tmiJH6CjM7Y1U8p5eSEocGzIA==
#: [string] InfluxDB 2.x bucket name
BUCKET = luna_monitoring
#: [string] InfluxDB IP address
HOST = 127.0.0.1
#: [integer] InfluxDB port
PORT = 8086
#: [integer] use HTTPS to connect to InfluxDB
USE_SSL = 0
#: [integer] frequency of sending monitoring data to InfluxDB (in seconds)
FLUSHING_PERIOD = 1


[LAMBDA_S3]
#: S3 endpoint
HOST = http://localhost:7480
#: S3 public access key
AWS_PUBLIC_ACCESS_KEY = ""
#: S3 secret access key
AWS_SECRET_ACCESS_KEY = ""
#: S3 public access key
BUCKET = test-plugins
#: S3 region
REGION = eu-central-1

[CLUSTER_CREDENTIALS]
#: cluster host
HOST = https://127.0.0.1:6443
#: access token
TOKEN = token
#: path to ssl certificate
CERTIFICATE_PATH = ./cert.crt

[LUNA_LICENSES_ADDRESS]
#: LUNA license service, IP address, and port
ORIGIN = http://127.0.0.1:5120
#: API version of the LUNA Faces
API_VERSION = 1

[ADDITIONAL_SERVICES_USAGE]
LUNA_LAMBDA = 1


[LUNA_SERVICE_METRICS]
#: [int] whether to enable /metrics path and statistics collection
ENABLED = 0
# [string] statistics data format (prometheus is the only option yet)
METRICS_FORMAT = prometheus


[LUNA_SERVICE_METRICS.EXTRA_LABELS]


[LUNA_LAMBDA_HTTP_SETTINGS]
#: request timeout
REQUEST_TIMEOUT=60
#: response timeout
RESPONSE_TIMEOUT=600
#: request max size
REQUEST_MAX_SIZE=1073741824
#: keep alive
KEEP_ALIVE_TIMEOUT=200


[LUNA_LAMBDA_BUILD_LIMITS]

#: cpu limit
CPU_LIMIT=2000
#: ram limit
RAM_LIMIT=4
#: cpu request
CPU_REQUEST=500
#: ram request
RAM_REQUEST=0.5


[OTHER]
#: storage time - "LOCAL" or "UTC"
STORAGE_TIME = LOCAL
#: k8s cluster location: remote/local(executed on same machine)/internal(executed in cluster)
CLUSTER_LOCATION = internal
#: list of active plugins
LUNA_LAMBDA_ACTIVE_PLUGINS = []
#: registry
LAMBDA_REGISTRY = registry.vlabs:5000
#: insecure registries
LAMBDA_INSECURE_REGISTRIES = [registry.vlabs:5000]

Configuration requirements

There are several parameters that are responsible for interacting with the kubernetes cluster.

  • The main significant parameter is CLUSTER_LOCATION. There are several allowed values of this parameter:

    • internal: suggests service works in k8s cluster and doesn’t require and other additional settings

    • remote: suggests service works with remote k8s cluster and properly defined CLUSTER_CREDENTIALS settings (highly not recommended for anything except for development)

    • local: suggests service works on the same machine as k8s cluster (highly not recommended for anything except for development)

  • If luna-lambda is configured to use remote kubernetes cluster it is required to define CLUSTER_CREDENTIALS:

    • suggests access to k8s cluster using ssl connection

    • HOST is kubernetes cluster host

    • TOKEN is kubernetes cluster token which must be provided by kubernetes cluster administrator (each token has its own expiration time, do not forget to use actual token)

    • CERTIFICATE_PATH is path to SSL certificate which must be provided by kubernetes cluster administrator

  • Independently of CLUSTER_LOCATION configuration it is required to define S3 setting using credentials to s3-like storage with possibility to read/write to specified bucket. It will be used by luna-lambda for storing archives with lambdas.

    Warning

    At present there is no mechanism of s3 bucket garbage collection.

  • There is LAMBDA_REGISTRY parameter. It is required read and write access to this registry. If luna-lambda is running in kubernetes cluster, it is required to grant access to this registry from kubernetes cluster.

  • There is LAMBDA_INSECURE_REGISTRIES parameter. If LAMBDA_REGISTRY contains insecure registry and/or it is required access to any other insecure registries during lambda creation process, they must be specified in LAMBDA_INSECURE_REGISTRIES.