bluechi-controller.conf - Man Page

If this flag is set to true, it enables the connection handler for agents to connect remotely via TCP/IP to the controller. If disabled, all other TCP options such as the ControllerPort or TCPKeepAliveTime are not used. The TCP handler can run alongside the handler for local connections (Unix Domain Socket) as well as the systemd socket activated handler. Default: true.

If this flag is set to true, it enables the connection handler for agents to connect locally via Unix Domain Socket (UDS) to the controller. The UDS handler can run alongside the handler for remote connections (TCP/IP) as well as the systemd socket activated handler. Default: true.

The port the bluechi-controller listens on to establish connections with the bluechi-agent. By default port 842 is used.

A comma separated list of unique bluechi-agent names. Only nodes with names mentioned in the list, or nodes with Allowed=true in a separate node section can connect to bluechi-controller.

These names are defined in the agent's configuration file under NodeName option (see bluechi-agent.conf(5)).

The interval to periodically check node's connectivity based on heartbeat signals sent to bluechi, in milliseconds. A value of 0 disables it.

The threshold in milliseconds to determine whether a node is disconnected. If the node's last heartbeat signal was received before this threshold, bluechi assumes that the node is down or the connection was cut off and performs a disconnect.

The level used for logging. Supported values are:

• DEBUG
• INFO
• WARN
• ERROR

By default INFO level is used for logging.

The target where logs are written to. Supported values are:

• stderr
• stderr-full
• journald

By default journald is used as the target.

If this flag is set to true, no logs are written by bluechi. By default the flag is set to false.

If this flag is set to true, it enables extended, reliable error message passing for the peer connection with all agents. This results in BlueChi receiving errors such as host unreachable ICMP packets instantly and possibly dropping the connection. This is useful to detect disconnects faster, but should be used with care as this might cause unnecessary disconnects in less robut networks. Default: true.

The number of seconds the individual TCP connection with an agent needs to be idle before keepalive packets are sent. When TCPKeepAliveTime is set to 0, the system default will be used. Default: 1s.

The number of seconds between each keepalive packet. When TCPKeepAliveInterval is set to 0, the system default will be used. Default: 1s.

The number of keepalive packets without ACK from an agent till the individual connection is dropped. When TCPKeepAliveCount is set to 0, the system default will be used. Default: 6.

If true, the node with the section name is allowed to connect. See AllowedNodeNames above.

If set, the connecting node process must have the specified SELinux type label. Typically for local connections these would be bluechi_agent_t or haproxy_t.

Note: this option only works when the agent connects using unix domain sockets.