168 lines
No EOL
8.7 KiB
HTML
168 lines
No EOL
8.7 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>cdist-type__consul_agent(7)</title><link rel="stylesheet" type="text/css" href="docbook-xsl.css" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /></head><body><div xml:lang="en" class="article" lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="idm139809530586896"></a>cdist-type__consul_agent(7)</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Steven</span> <span class="surname">Armstrong</span></h3><code class="email"><<a class="email" href="mailto:steven-cdist--@--armstrong.cc">steven-cdist--@--armstrong.cc</a>></code></div></div></div><hr /></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="#_name">1. NAME</a></span></dt><dt><span class="section"><a href="#_description">2. DESCRIPTION</a></span></dt><dt><span class="section"><a href="#_required_parameters">3. REQUIRED PARAMETERS</a></span></dt><dt><span class="section"><a href="#_optional_parameters">4. OPTIONAL PARAMETERS</a></span></dt><dt><span class="section"><a href="#_boolean_parameters">5. BOOLEAN PARAMETERS</a></span></dt><dt><span class="section"><a href="#_examples">6. EXAMPLES</a></span></dt><dt><span class="section"><a href="#_see_also">7. SEE ALSO</a></span></dt><dt><span class="section"><a href="#_copying">8. COPYING</a></span></dt></dl></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_name"></a>1. NAME</h2></div></div></div><p>cdist-type__consul_agent - manage the consul agent</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_description"></a>2. DESCRIPTION</h2></div></div></div><p>Configure and manage the consul agent.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_required_parameters"></a>3. REQUIRED PARAMETERS</h2></div></div></div><p>None.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_optional_parameters"></a>4. OPTIONAL PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
|
||
acl-datacenter
|
||
</span></dt><dd>
|
||
only used by servers. This designates the datacenter which is authoritative
|
||
for ACL information.
|
||
</dd><dt><span class="term">
|
||
acl-default-policy
|
||
</span></dt><dd>
|
||
either "allow" or "deny"; defaults to "allow". The default policy controls the
|
||
behavior of a token when there is no matching rule.
|
||
</dd><dt><span class="term">
|
||
acl-down-policy
|
||
</span></dt><dd>
|
||
either "allow", "deny" or "extend-cache"; "extend-cache" is the default.
|
||
</dd><dt><span class="term">
|
||
acl-master-token
|
||
</span></dt><dd>
|
||
only used for servers in the acl_datacenter. This token will be created with
|
||
management-level permissions if it does not exist. It allows operators to
|
||
bootstrap the ACL system with a token ID that is well-known.
|
||
</dd><dt><span class="term">
|
||
acl-token
|
||
</span></dt><dd>
|
||
when provided, the agent will use this token when making requests to the
|
||
Consul servers.
|
||
</dd><dt><span class="term">
|
||
acl-ttl
|
||
</span></dt><dd>
|
||
used to control Time-To-Live caching of ACLs.
|
||
</dd><dt><span class="term">
|
||
bind-addr
|
||
</span></dt><dd>
|
||
sets the bind address for cluster communication
|
||
</dd><dt><span class="term">
|
||
bootstrap-expect
|
||
</span></dt><dd>
|
||
sets server to expect bootstrap mode
|
||
</dd><dt><span class="term">
|
||
ca-file-source
|
||
</span></dt><dd>
|
||
path to a PEM encoded certificate authority file which will be uploaded and
|
||
configure using the ca_file config option.
|
||
</dd><dt><span class="term">
|
||
cert-file-source
|
||
</span></dt><dd>
|
||
path to a PEM encoded certificate file which will be uploaded and
|
||
configure using the cert_file config option.
|
||
</dd><dt><span class="term">
|
||
client-addr
|
||
</span></dt><dd>
|
||
sets the address to bind for client access
|
||
</dd><dt><span class="term">
|
||
datacenter
|
||
</span></dt><dd>
|
||
datacenter of the agent
|
||
</dd><dt><span class="term">
|
||
encrypt
|
||
</span></dt><dd>
|
||
provides the gossip encryption key
|
||
</dd><dt><span class="term">
|
||
group
|
||
</span></dt><dd>
|
||
the primary group for the agent
|
||
</dd><dt><span class="term">
|
||
json-config
|
||
</span></dt><dd>
|
||
path to a partial json config file without leading { and trailing }.
|
||
If json-config is <span class="emphasis"><em>-</em></span> (dash), take what was written to stdin as the file content.
|
||
</dd><dt><span class="term">
|
||
key-file-source
|
||
</span></dt><dd>
|
||
path to a PEM encoded private key file which will be uploaded and
|
||
configure using the key_file config option.
|
||
</dd><dt><span class="term">
|
||
node-name
|
||
</span></dt><dd>
|
||
name of this node. Must be unique in the cluster
|
||
</dd><dt><span class="term">
|
||
retry-join
|
||
</span></dt><dd>
|
||
address to attempt joining every retry_interval until at least one join works.
|
||
Can be specified multiple times.
|
||
</dd><dt><span class="term">
|
||
user
|
||
</span></dt><dd>
|
||
the user to run the agent as
|
||
</dd><dt><span class="term">
|
||
state
|
||
</span></dt><dd>
|
||
if the agent is <span class="emphasis"><em>present</em></span> or <span class="emphasis"><em>absent</em></span>. Defaults to <span class="emphasis"><em>present</em></span>.
|
||
Currently state=absent is not working due to some dependency issues.
|
||
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_boolean_parameters"></a>5. BOOLEAN PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
|
||
disable-remote-exec
|
||
</span></dt><dd>
|
||
disables support for remote execution. When set to true, the agent will ignore any incoming remote exec requests.
|
||
</dd><dt><span class="term">
|
||
disable-update-check
|
||
</span></dt><dd>
|
||
disables automatic checking for security bulletins and new version releases
|
||
</dd><dt><span class="term">
|
||
leave-on-terminate
|
||
</span></dt><dd>
|
||
gracefully leave cluster on SIGTERM
|
||
</dd><dt><span class="term">
|
||
rejoin-after-leave
|
||
</span></dt><dd>
|
||
rejoin the cluster using the previous state after leaving
|
||
</dd><dt><span class="term">
|
||
server
|
||
</span></dt><dd>
|
||
used to control if an agent is in server or client mode
|
||
</dd><dt><span class="term">
|
||
syslog
|
||
</span></dt><dd>
|
||
enables logging to syslog
|
||
</dd><dt><span class="term">
|
||
verify-incoming
|
||
</span></dt><dd>
|
||
enforce the use of TLS and verify a client’s authenticity on incomming connections
|
||
</dd><dt><span class="term">
|
||
verify-outgoing
|
||
</span></dt><dd>
|
||
enforce the use of TLS and verify the peers authenticity on outgoing connections
|
||
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_examples"></a>6. EXAMPLES</h2></div></div></div><pre class="screen"># configure as server, bootstrap and rejoin
|
||
hostname="$(cat "$__global/explorer/hostname")"
|
||
__consul_agent \
|
||
--datacenter dc1 \
|
||
--node-name "${hostname%%.*}" \
|
||
--disable-update-check \
|
||
--server \
|
||
--rejoin-after-leave \
|
||
--bootstrap-expect 3 \
|
||
--retry-join consul-01 \
|
||
--retry-join consul-02 \
|
||
--retry-join consul-03
|
||
|
||
# configure as server, bootstrap and rejoin with ssl support
|
||
hostname="$(cat "$__global/explorer/hostname")"
|
||
__consul_agent \
|
||
--datacenter dc1 \
|
||
--node-name "${hostname%%.*}" \
|
||
--disable-update-check \
|
||
--server \
|
||
--rejoin-after-leave \
|
||
--bootstrap-expect 3 \
|
||
--retry-join consul-01 \
|
||
--retry-join consul-02 \
|
||
--retry-join consul-03 \
|
||
--ca-file-source /path/to/ca.pem \
|
||
--cert-file-source /path/to/cert.pem \
|
||
--key-file-source /path/to/key.pem \
|
||
--verify-incoming \
|
||
--verify-outgoing
|
||
|
||
# configure as client and try joining existing cluster
|
||
__consul_agent \
|
||
--datacenter dc1 \
|
||
--node-name "${hostname%%.*}" \
|
||
--disable-update-check \
|
||
--retry-join consul-01 \
|
||
--retry-join consul-02 \
|
||
--retry-join consul-03</pre></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_see_also"></a>7. SEE ALSO</h2></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
|
||
<a href="../man7/cdist-type.html">cdist-type(7)</a>
|
||
</li><li class="listitem">
|
||
<a class="ulink" href="http://www.consul.io/docs/agent/options.html" target="_top">http://www.consul.io/docs/agent/options.html</a>
|
||
</li></ul></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_copying"></a>8. COPYING</h2></div></div></div><p>Copyright (C) 2015 Steven Armstrong. Free use of this software is
|
||
granted under the terms of the GNU General Public License version 3 (GPLv3).</p></div></div></body></html> |