OpenResty Edge's configuration files
Configuration files for OpenResty Edge Admin
File path: /usr/local/oredge-admin/conf/config.ini
After modifying the configuration, you will need to execute the following command to restart the service for the new configuration to take effect.
sudo systemctl start upgrade-oredge-admin
postgresql
[postgresql]
host = 127.0.0.1
port = 5432
max_idle_timeout = 60
pool_size = 10
database = "or_edge_admin"
user = "USER"
password = 'PASSWORD'
This configuration block configures the database to which OpenResty Edge Admin will connect.
host
is the address of the database, and the default is local 127.0.0.1, which means the database is considered to be deployed on the same machine as OpenResty Edge Admin by default.port
is the service port of the database. The default is 5432.max_idle_timeout
is the idle long connection keepalive time.pool_size
is the size of the connection pool to which the database is connected.database
is the specified database to connect to.user
is the user name when accessing the database.password
is the password to use when accessing the database.
clone_admin
[clone_admin]
host = "192.168.1.2"
port = 12345
role = "normal"
This configuration block is used to configure another OpenResty Edge Admin.
host
is the address of another OpenResty Edge Adminport
is the port of another OpenResty Edge Adminrole
is the role type of another OpenResty Edge Admin. The values are: normal, main, and staging.- normal is the default value and indicates a generic OpenResty Edge Admin.
- main indicates the main OpenResty Edge Admin.
- staging indicates grayscale OpenResty Edge Admin.
log_server
[log_server]
host = 127.0.0.1
api_port = 8089
mbus_port = 12346
This configuration block is used to specify information about the OpenResty Edge Log Server.
host
is the address of the OpenResty Edge Log Server. OpenResty Edge Admin needs to get logs and other information from OpenResty Edge Log Server.api_port
is the port of Log Server’s API service, which is used to get logs and other information through the interface.mbus_port
is the port of Log Server’s MBUS service, which is used for RPC communication.
log_server_heartbeat
[log_server_heartbeat]
enable = true
interval = 1
down_threshold = 1
up_threshold = 1
This configuration block is used to configure health checks for the OpenResty Edge Log Server.
enable
is used to enable or disable the health check.interval
is the heartbeat interval.down_threshold
is the unhealthy threshold, the number of failed requests reaches this threshold, and the Log Server is considered unhealthy.up_threshold
is the health threshold. If the number of successful requests reaches this threshold, then Log Server is considered healthy.
acme
[acme]
acme_skip_precheck = false
This configuration block is used to configure the behavior when using a third-party certificate provider.
acme_skip_precheck
is used to control whether to skip the precheck before a certificate is issued, such as “whether the DNS record for the domain name points to OpenResty Edge”.
config
[config]
max_full_sync_batch = 500
max_full_sync_qps = 5
max_delta_sync_qps = 500
admin_api_port = 8088
admin_api_scheme = http
max_history = 5000
gc_history_threshold = 1000
gc_ts_threshold = 259200
clean_ts_threshold = 604800
clean_sync_delta_interval = 86400
This configuration block is used to specify the configuration of OpenResty Edge Admin’s service port, configuration synchronization, etc.
max_full_sync_batch
: The number of configurations synchronized when full sync is used.max_full_sync_qps
: The speed limit configuration for full sync. The default value is 5.max_delta_sync_qps
: The speed limit configuration for delta sync. The default value is 500.admin_api_port
: The srvice port of OpenResty Edge Admin.admin_api_scheme
: The service type of OpenResty Edge Admin.max_history
: In each configuration database, the part of the incremental sync data versions exceedingmax_history
will be cleaned up, with a default of 5000.gc_history_threshold
: In all configuration databases, the versions of the incremental sync data exceedinggc_history_threshold
, and the time beforegc_ts_threshold
, will be cleaned up, with a default of 1000.gc_ts_threshold
: In all configuration databases, the versions of the incremental sync data exceedinggc_history_threshold
, and the time beforegc_ts_threshold
, will be cleaned up. The default is 259200 seconds, which is 3 days.clean_ts_threshold
: In all configuration databases, the incremental sync data generated beforeclean_ts_threshold
will be cleaned up, with a default of 604800 seconds, which is 7 days.clean_sync_delta_interval
: The interval for performing cleanup operations, with a default of 86400 seconds, which is 1 day.
static_file
[static_file]
max_download_qps = 5
full_sync_max_batch_size = 50
delta_sync_max_batch_size = 50
delta_sync_max_diff_version = 100
temp_file_root = "/tmp"
max_single_file_size = 10485760
max_archive_dir_size = 104857600
list_delta_limit = 5
max_download_qps
is the QPS for downloading static files. The default value is 5.full_sync_max_batch_size
is the batch size for full sync. The default value is 50.delta_sync_max_batch_size
is the batch size for delta synchronization. The default value is 50.delta_sync_max_diff_version
exceeds this threshold, full sync is used. Otherwise, delta sync is used.temp_file_root
is used to specify the temporary directory for static files. When uploading files to OpenResty Edge, they will be stored in this temporary directory first.max_single_file_size
is the maximum size of a single file, files exceeding this size will not be uploaded.max_archive_dir_size
is the maximum size of compressed files when uploading files in bulk, files exceeding this size will not be uploaded.list_delta_limit
is the QPS for OpenResty Node to get the list of changed files. The default value is 5.
license
[license]
http_proxy = "http://127.0.0.1:2000"
authorization = "UESRNAME:PASSWORD"
This configuration block is used to configure the License synchronization.
http_proxy
is the URL to use when using the proxy.authorization
is the authentication information for the proxy.
waf_rules
[waf_rules]
temp_file_root = "/tmp"
This configuration block is the configuration related to the WAF rules.
temp_file_root
is the directory where WAF rules are temporarily cached when uploaded.
rotate_log
[rotate_log]
interval = 86400
max_kept_file = 128
This configuration block is used to configure the log rotation.
interval
is the rotation interval.max_kept_file
is the maximum number of log files to keep.
dns_healthcheck
[dns_healthcheck]
interval = 10
This configuration block is used to configure DNS health checks.
interval
is used to set the DNS health check interval in seconds. The default value is 10.
Configuration file for OpenResty Edge Node
File path: /usr/local/oredge-node/conf/config.ini
After modifying the configuration, you will need to execute the following command to restart the service for the new configuration to take effect.
sudo systemctl start upgrade-oredge-node
admin
[admin]
host = 127.0.0.1
port = 12345
ssl_host = ADMIN_HOST_COM
protocol = "wss"
host2 = 127.0.0.1
port2 = 12345
protocol2 = "https"
This configuration block is used to configure the information of OpenResty Edge Admin, according to which OpenResty Edge Node will connect to the corresponding OpenResty Edge Admin.
host
is the address of the OpenResty Edge Admin.port
is the service port of OpenResty Edge Admin.ssl_host
is the domain name of OpenResty Edge Admin, which will be used during the SSL handshake.protocol
is the protocol used to connect to OpenResty Edge Admin and can take the values wss and https.
If there is a second OpenResty Edge Admin, you can connect to this OpenResty Edge Admin by configuring host2, port2, protocol2.
log_server
[log_server]
host = "127.0.0.1"
port = 12346
protocol = "wss"
mbus_use_host_as_sni = true
mbus_sni = "logserver.test.com"
This configuration block is used to configure OpenResty Edge Log Server information for OpenResty Edge Node.
host
,port
, andprotocol
are the connection information for the OpenResty Edge Log Server.mbus_use_host_as_sni
indicates whether to use the host as SNI (Server Name Indication) for SSL handshake.mbus_sni
is similar tombus_use_host_as_sni
, but the SNI can be specified directly through this configuration.
healthcheck
[healthcheck]
update_always_check_ups_interval = 180
run_interval = 1
check_interval = 60
pool_size = 512
This configuration block is used to configure upstream health checks.
update_always_check_ups_interval
is the interval to update the upstream with thealways check
flag turned on.run_interval
is the interval to perform health checks.check_interval
is the interval to check the health check results and to continue the health check at a later time if the results expire.pool_size
is the connection pool size to use when connecting to the other side.
config
[config]
lmdb = /usr/local/oredge-node/data/config.mdb
lmdb_size = 8192m
disable_core_file_cleanup = false
This configuration block is some general configuration for the OpenResty Edge Node.
lmdb
is the file path of the OpenResty Edge Node local database.lmdb_size
is the size of the database file. If you want to change it, please refer to this document: LMDB Size Change and Backup Recovery #disable_core_file_cleanup
is used to enable the deletion of core files generated by OpenResty Edge Node.
dns
[dns]
enable_access_log = true
enable_limiter = true
enable_cache = true
cache_ttl = 1
This configuration block is the DNS-related configuration for the OpenResty Edge Node.
enable_access_log
is used to control whether access logging is enabled.enable_limiter
is used to control whether to enable speed limiting.enable_cache
controls whether caching is enabled or not, andcache_ttl
is the cache expiration date.
access_log
[access_log]
max_log_count = 4096
This configuration block is used to configure the OpenResty Edge Node’s access logs.
max_log_count
is used to control the number of access logs that can be opened dynamically.
Configuration file for OpenResty Edge Log Server
File path: /usr/local/oredge-log-server/conf/config.ini
After modifying the configuration, you will need to execute the following command to restart the service for the new configuration to take effect.
sudo systemctl start upgrade-oredge-log-server
postgresql
[postgresql]
host = 127.0.0.1
port = 5432
max_idle_timeout = 60
pool_size = 50
database = "or_edge_log_server"
user = "USERNAME"
password = 'PASSWORD'
backlog = 1024
This configuration block is used to configure the database information to be used by the OpenResty Edge Log Server.
stash
[stash]
errlog_size = 100
events_size = 1024
health_check_size = 512
http_metric_size = 1024
sys_monitor_size = 100
This configuration block is used to configure the buffer size for error logging, event, and other logging. This buffer is used before writing to the database to avoid frequent database writes.
errlog_size
is used for error logging.events_size
Used for event notification logging.health_check_size
is used for health check logging.http_metric_size
for upstream metrics and HTTP metrics.sys_monitor_size
Used for OpenResty Edge Node system monitor logging.
alarm
[alarm]
disable_waf_alarm = true
This configuration block is used to configure the alarm.
disable_waf_alarm
is used to disable the alarm for WAF. WAF events may be numerous and cause a lot of data to be transmitted to OpenRest Edge Admin and written to OpenResty Edge Admin’s database, so we provide an option to disable it.
Configuration file for OpenResty PostgreSQL
Configuration file path: /var/postgres12/data/postgresql.conf Access control file path: /var/postgres12/data/pg_hba.conf
When OpenRsty Edge Admin and the database it uses are on the same machine, when OpenRsty Edge Log Server and the database it uses are on the same machine, no additional database configuration is usually required. When OpenRsty Edge Admin and its database are deployed on different machines, the following configuration is required.
Change the following configuration in /var/postgres12/data/postgresql.conf
from
# listen_addresses = 'localhost'
to
listen_addresses = '*'
Next, modify /var/postgres12/data/pg_hba.conf to allow OpenResty Edge Admin access to the database.
host all all 10.0.0.1/32 md5
10.0.0.1/32
indicates the range of IP addresses allowed to access the database.
After all, changes have been made, restart the database to make the new configuration take effect:
sudo systemctl restart openresty-postgresql12