Update config parameters #120
Conversation
sanfern
requested review from
charleskbliu0,
jniesz and
dthaler
as code owners
Signed-off-by: sanfern <[email protected]> Signed-off-by: sferna1 <[email protected]>
sanfern
force-pushed
the
sanfern-dev-config-update
branch
from
08786ea to
8bf64aa
Compare
Signed-off-by: sferna1 <[email protected]>
There was a problem hiding this comment.
I left comments on several of the config options. Also we need to update the configdoc.md for the below items:
L3afConfigsRestAPIAddr - update docs to say this is optional
KFRepoURL - update docs to say this is required
KFPollInterval - update docs to say this is optional
NMetricSamples - update docs to say this is optional
XDPRootProgram* - update docs to say these are optional
TCRootProgram* - update docs to say these are optional
EBPFChainDebugAddr - missing doc for this option
EBPFChainDebugEnabled - missing doc for this option
MTLSEnabled - update docs to say this is optional (default: true)
MTLSCACertFilename - update docs to say this is optional
MTLSServerCertFilename - update docs to say this is optional
MTLSServerKeyFilename - update docs to say this is optional
XDPRootProgramUserProgramDaemon - need to remove from docs
TCRootProgramUserProgramDaemon - need to remove from docs
sanfern
force-pushed
the
sanfern-dev-config-update
branch
from
60fda53 to
e40337c
Compare
Signed-off-by: sferna1 <[email protected]>
sanfern
force-pushed
the
sanfern-dev-config-update
branch
from
e40337c to
20d3dfb
Compare
| |kf-poll-interval|`"30s"`|Periodic interval at which to scrape metrics using Prometheus| No | | ||
| |n-metric-samples|`"20"`|Number of Metric Samples| No | |
There was a problem hiding this comment.
Shouldn't we say that the "example" values are the default values used?
There was a problem hiding this comment.
I think changing example to default makes sense and instead of giving example on each config option here we can point to the complete example config.
docs/configdoc.md
Outdated
| | FieldName | Example | Description | Required | | ||
| | ------------- | ------------- | --------------- |----------| | ||
| |enabled| `"true"` | Boolean to check mtls enabled or not on REST API exposed by l3afd| No | |
There was a problem hiding this comment.
| |enabled| `"true"` | Boolean to check mtls enabled or not on REST API exposed by l3afd| No | | |
| |enabled| `"true"` | Boolean controlling whether mTLS is enabled or not on the REST API exposed by l3afd| No | |
docs/configdoc.md
Outdated
| |enabled| `"true"` | Boolean to check mtls enabled or not on REST API exposed by l3afd| No | | ||
| |min-tls-version|`"1.3"`| Minimum tls version allowed| No | | ||
| |cert-dir|`"/etc/l3af/certs"`|Absolute path of ca certificates. On Linux this points to a filesystem directory, but on Windows it can point to [certificate store](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/certificate-stores) | No | |
There was a problem hiding this comment.
| |cert-dir|`"/etc/l3af/certs"`|Absolute path of ca certificates. On Linux this points to a filesystem directory, but on Windows it can point to [certificate store](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/certificate-stores) | No | | |
| |cert-dir|`"/etc/l3af/certs"`|Absolute path of CA certificates. On Linux this points to a filesystem directory, but on Windows it can point to a [certificate store](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/certificate-stores) | No | |
Signed-off-by: sferna1 <[email protected]>
There was a problem hiding this comment.
We should also update the sections for the kernel version something like:
|kernel-major-version|"4"|Major version of the kernel required to run eBPF programs (Linux Only)| No |
|kernel-minor-version|"15"|Minor version of the kernel required to run eBPF programs (Linux Only)| No |
| @@ -1,6 +1,6 @@ | |||
| # L3AFD Config Options Documentation | |||
|
|
|||
| See [l3afd.cfg](https://github.com/l3af-project/l3af-arch/blob/main/dev_environment/cfg/l3afd.cfg) for a full example configuration. | |||
| See [l3afd.cfg](https://github.com/l3af-project/l3afd/blob/main/config/l3afd.cfg) for a full example configuration. | |||
There was a problem hiding this comment.
lets convert this to relative link since it references file in same repo
There was a problem hiding this comment.
I think this got missed in your last commit
docs/configdoc.md
Outdated
| |restapi-addr|`"localhost:53000"`| Hostname and Port of l3af-configs REST API | Yes | | ||
| | FieldName | Default | Description | Required | | ||
| | ------------- | ------------- | --------------- |----------| | ||
| |restapi-addr|`"localhost:53000"`| Hostname and Port of l3af-configs REST API | No | | ||
|
|
||
| # [l3af-config-store] |
There was a problem hiding this comment.
should be heading2 "##" similar to above
docs/configdoc.md
Outdated
|
|
||
| # [l3af-config-store] | ||
| | FieldName | Example | Description | Required | | ||
| | FieldName | Default | Description | Required | | ||
| | ------------- | ------------- | --------------- | --------------- | | ||
| |filename|`"/etc/l3afd/l3af-config.json"`|Absolute path of persistent config file where we are storing L3afBPFPrograms objects. For more info see [models](https://github.com/l3af-project/l3afd/blob/main/models/l3afd.go)| Yes | | ||
|
|
||
| # [mtls] |
There was a problem hiding this comment.
should be heading2 "##" similar to above
docs/configdoc.md
Outdated
| | FieldName | Example | Description | Required | | ||
| | ------------- | ------------- | --------------- | --------------- | | ||
| |url| `"http://localhost:8000/"`|Default repository from which to download eBPF packages| No | | ||
| | FieldName | Example | Description | Required | |
There was a problem hiding this comment.
Please change heading "Example" to "Default" to match the format below. We should do this for all sections.
Signed-off-by: sferna1 <[email protected]>
sanfern
force-pushed
the
sanfern-dev-config-update
branch
from
9fd4713 to
caaf361
Compare
* Update config parameters Signed-off-by: Santhosh Fernandes <[email protected]> Co-authored-by: Jason Niesz <[email protected]>
Updating sample config file and updating the document link. This l3afd.cfg is an example for prod config deployment.
Signed-off-by: sanfern [email protected]