Configuration ============= The service allowed two variants of configuration: #) use the Configurator service #) use the configuration file The service reads settings from the configuration file by default. You can specify the `--luna-config` option for pulling settings from the Configurator service, see `configurator `_. Auto reload configuration ------------------------- The service supports an auto-reload of configurations. You can enable this feature by specifying a `config-reload` option in the command line. The service periodically checks new settings. If current settings and new pulled settings are the same the service will not perform any actions. You can specify the check period in the `pulling-time` command line argument (10 seconds by default). If a configuration fetching has failed, the service will work without applying any changes to the existing configurations. If check connections with the new configuration have failed, the service will retry pulling new configuration after `pulling-time` seconds. The service will shut down after 10 failed attempts. .. warning:: Service can work incorrectly while the new settings are being applied. It is strongly recommended not to send requests to the service when you change important settings (database credentials, work plugins list, and others). Configuration file for luna lambda ---------------------------------- .. literalinclude:: ../../../luna_lambda/configs/config.conf Configuration requirements -------------------------- There are several parameters that are responsible for interacting with the kubernetes cluster. - The main significant parameter is `CLUSTER_LOCATION`. There are several allowed values of this parameter: - `internal`: suggests service works in k8s cluster and doesn't require and other additional settings - `remote`: suggests service works with remote k8s cluster and properly defined `CLUSTER_CREDENTIALS` settings (highly not recommended for anything except for development) - `local`: suggests service works on the same machine as k8s cluster (highly not recommended for anything except for development) - If `luna-lambda` is configured to use remote kubernetes cluster it is required to define `CLUSTER_CREDENTIALS`: - suggests access to k8s cluster using ssl connection - `HOST` is kubernetes cluster host - `TOKEN` is kubernetes cluster token which must be provided by kubernetes cluster administrator (each token has its own expiration time, do not forget to use actual token) - `CERTIFICATE_PATH` is path to SSL certificate which must be provided by kubernetes cluster administrator - Independently of `CLUSTER_LOCATION` configuration it is required to define `S3` setting using credentials to s3-like storage with possibility to read/write to specified bucket. It will be used by `luna-lambda` for storing archives with lambdas. .. warning:: At present there is no mechanism of s3 bucket garbage collection. - There is `LAMBDA_REGISTRY` parameter. It is required read and write access to this registry. If `luna-lambda` is running in kubernetes cluster, it is required to grant access to this registry from kubernetes cluster. - There is `LAMBDA_INSECURE_REGISTRIES` parameter. If `LAMBDA_REGISTRY` contains insecure registry and/or it is required access to any other insecure registries during `lambda creation process <./creation_pipeline.html>`_, they must be specified in `LAMBDA_INSECURE_REGISTRIES`.