Skip to content

FrostFS Storage node configuration file

This section contains detailed FrostFS Storage node configuration file description including default config values and some tips to set up configurable values.

There are some custom types used for brevity: 1. duration -- string consisting of a number and a suffix. Suffix examples include s (seconds), m (minutes), ms (milliseconds). 2. size -- string consisting of a number and a suffix. Suffix examples include b (bytes, default), k (kibibytes), m (mebibytes), g (gibibytes). 3. file mode -- octal number. Usually, it starts with 0 and contain 3 digits, corresponding to file access permissions for user, group and others. 4. public key -- hex-encoded public key 5. hash160 -- hex-encoded 20-byte hash of a deployed contract.

Structure

Section Description
node Node parameters
logger Logging parameters
pprof PProf configuration
prometheus Prometheus metrics configuration
control Control service configuration
contracts Override FrostFS contracts hashes
morph N3 blockchain client configuration
apiclient FrostFS API client configuration
policer Policer service configuration
replicator Replicator service configuration
object Object service configuration
container Container service configuration
tree Tree service configuration
storage Storage engine configuration
rpc RPC limits configuration
runtime Runtime configuration
audit Audit configuration
multinet Multinet configuration
qos QoS configuration
grpc GRPC endpoint configuration
tracing Tracing configuration
systemdnotify Systemd notification configuration

control section

control:
  authorized_keys:
    - 035839e45d472a3b7769a2a1bd7d54c4ccd4943c3b40f547870e83a8fcbfb3ce11
    - 028f42cfcb74499d7b15b35d9bff260a1c8d27de4f446a627406a382d8961486d6
  grpc:
    endpoint: 127.0.0.1:8090
| Parameter | Type | Default value | Description | | ----------------- | -------------- | ------------- | -------------------------------------------------------------------------------- | | authorized_keys | []public key | empty | List of public keys which are used to authorize requests to the control service. | | grpc.endpoint | string | empty | Address that control service listener binds to. |

grpc section

grpc:
  - endpoint: localhost:8080
    tls:
      enabled: true
      certificate: /path/to/cert.pem
      key: /path/to/key.pem
  - endpoint: internal.ip:8080
  - endpoint: external.ip:8080
    tls:
      enabled: true
      use_insecure_crypto: true
Contains an array of gRPC endpoint configurations. The following table describes the format of each element.

Parameter Type Default value Description
endpoint []string empty Address that service listener binds to.
tls TLS config empty Address that control service listener binds to.

tls subsection

Parameter Type Default value Description
enabled bool false Address that control service listener binds to.
certificate string empty Path to the TLS certificate.
key string empty Path to the key.
use_insecure_crypto bool false If true, ciphers considered insecure by Go stdlib are allowed to be used.

pprof section

Contains configuration for the pprof profiler.

Parameter Type Default value Description
enabled bool false Flag to enable the service.
address string localhost:6060 Address that service listener binds to.
shutdown_timeout duration 30s Time to wait for a graceful shutdown.
block_rate int 0 Fraction of goroutine blocking events that are reported in the blocking profile. Non-positive values disable profiler reports.
mutex_rate int 0 Fraction of mutex contention events that are reported in the mutex profile. Non-positive values disable profiler reports.

prometheus section

Contains configuration for the prometheus metrics service.

Parameter Type Default value Description
enabled bool false Flag to enable the service.
address string empty Address that service listener binds to.
shutdown_timeout duration 30s Time to wait for a graceful shutdown.

logger section

Contains logger parameters.

logger:
  level: info
  tags:
    - names: "main, morph"
      level: debug
Parameter Type Default value Description
level string info Logging level.
Possible values: debug, info, warn, error, dpanic, panic, fatal
tags list of tags descriptions empty Array of tags description.
destination string stdout Logger destination: one of stdout (default), journald
timestamp bool false Enables timestamps on log entries.

tags subsection

Parameter Type Default value Description
names string empty List of components divided by ,.
Possible values: main, engine, blobovnicza, blobovniczatree, blobstor, fstree, gc, shard, writecache, deletesvc, getsvc, searchsvc, sessionsvc, treesvc, policer, replicator.
level string empty Logging level for the components from names, overrides default logging level.

contracts section

Contains override values for FrostFS side-chain contract hashes. Most of the time contract hashes are fetched from the NNS contract, so this section can be omitted.

contracts:
  balance: 5263abba1abedbf79bb57f3e40b50b4425d2d6cd
  container: 5d084790d7aa36cea7b53fe897380dab11d2cd3c
  netmap: 0cce9e948dca43a6b592efe59ddb4ecb89bdd9ca
  proxy: ad7c6b55b737b696e5c82c85445040964a03e97f
Parameter Type Default value Description
balance hash160 0 Balance contract hash. If not set, hash will be looked up in NNS contract.
container hash160 0 Container contract hash. If not set, hash will be looked up in NNS contract.
netmap hash160 0 Netmap contract hash. If not set, hash will be looked up in NNS contract.
proxy hash160 0 Proxy contract hash. If not set, hash will be looked up in NNS contract.

morph section

morph:
  dial_timeout: 30s
  cache_ttl: 15s
  ape_chain_cache_size: 10000
  rpc_endpoint:
    - address: wss://rpc1.morph.frostfs.info:40341/ws
      priority: 1
    - address: wss://rpc2.morph.frostfs.info:40341/ws
      priority: 2
  switch_interval: 2m
  netmap:
    candidates:
      poll_interval: 20s
 ```

| Parameter                         | Type                                                      | Default value    | Description                                                                                                                                                         |
| --------------------------------- | --------------------------------------------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `dial_timeout`                    | `duration`                                                | `5s`             | Timeout for dialing connections to N3 RPCs.                                                                                                                         |
| `cache_ttl`                       | `duration`                                                | Morph block time | Sidechain cache TTL value (min interval between similar calls).<br/>Negative value disables caching.<br/>Cached entities: containers, container lists, eACL tables. |
| `rpc_endpoint`                    | list of [endpoint descriptions](#rpc_endpoint-subsection) | empty            | Array of endpoint descriptions. Must not be empty.                                                                                                                  |
| `switch_interval`                 | `duration`                                                | `2m`             | Time interval between the attempts to connect to the highest priority RPC node if the connection is not established yet.                                            |
| `ape_chain_cache_size`            | `int`                                                     | `10000`          | Size of the morph cache for APE chains.                                                                                                                             |
| `netmap.candidates.poll_interval` | `duration`                                                | `20s`            | Timeout to set up frequency of merge candidates to netmap with netmap in local cache.                                                                               |

## `rpc_endpoint` subsection
| Parameter         | Type       | Default value | Description                                                                                                                                                                                                              |
| ----------------- | ---------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `address`         | `string`   | `""`          | _WebSocket_ N3 endpoint.                                                                                                                                                                                                 |
| `priority`        | `int`      | `1`           | Priority of an endpoint. Endpoint with a higher priority (lower configuration value) has more chance of being used. Endpoints with equal priority are iterated over randomly; a negative priority is interpreted as `1`. |
| `trusted_ca_list` | `[]string` | empty         | Collection of Certificate Authority (CA) certificates.                                                                                                                                                                   |
| `certificate`     | `string`   | `""`          | Path to a certificate file.                                                                                                                                                                                              |
| `key`             | `string`   | `""`          | Path to a key file.                                                                                                                                                                                                      |

# `storage` section

Local storage engine configuration.

| Parameter                  | Type                              | Default value | Description                                                                                                      |
| -------------------------- | --------------------------------- | ------------- | ---------------------------------------------------------------------------------------------------------------- |
| `shard_ro_error_threshold` | `int`                             | `0`           | Maximum amount of storage errors to encounter before shard automatically moves to `Degraded` or `ReadOnly` mode. |
| `disable_shard_on_meta_loss`    | `bool`                            | `false`       | Whether to switch shard mode to `DISABLED` on metabase failure. If`false`, the mode switches to `DEGRADED_READ_ONLY` |
| `low_mem`                  | `bool`                            | `false`       | Reduce memory consumption by reducing performance.                                                               |
| `shard`                    | [Shard config](#shard-subsection) | empty         | Configuration for separate shards.                                                                               |

## `shard` subsection

Contains configuration for each shard. Keys must be consecutive numbers starting from zero.
`default` subsection has the same format and specifies defaults for missing values.
The following table describes configuration for each shard.

| Parameter                      | Type                                          | Default value | Description                                                                                               |
| ------------------------------ | --------------------------------------------- | ------------- | --------------------------------------------------------------------------------------------------------- |
| `compression`                  | [Compression config](#compression-subsection) | empty         | Compression config.                                                                                       |
| `mode`                         | `string`                                      | `read-write`  | Shard Mode.<br/>Possible values:  `read-write`, `read-only`, `degraded`, `degraded-read-only`, `disabled` |
| `resync_metabase`              | `bool`                                        | `false`       | Flag to enable metabase resync on start.                                                                  |
| `resync_metabase_worker_count` | `int`                                         | `1000`        | Count of concurrent workers to resync metabase.                                                           |
| `writecache`                   | [Writecache config](#writecache-subsection)   | empty         | Write-cache configuration.                                                                                |
| `metabase`                     | [Metabase config](#metabase-subsection)       | empty         | Metabase configuration.                                                                                   |
| `blobstor`                     | [Blobstor config](#blobstor-subsection)       | empty         | Blobstor configuration.                                                                                   |
| `pilorama`                     | [Pilorama config](#pilorama-subsection)       | empty         | Pilorama configuration.                                                                                   |
| `small_object_size`            | `size`                                        | `1M`          | Maximum size of an object stored in blobovnicza tree.                                                     |
| `gc`                           | [GC config](#gc-subsection)                   | empty         | GC configuration.                                                                                         |
| `limits`                       | [Shard limits config](#limits-subsection)     | empty         | Shard limits configuration.                                                                               |

### `compression` subsection

Contains compression config.

```yaml
compression:
  enabled: true
  level: smallest_size
  exclude_content_types:
    - audio/*
    - video/*
  estimate_compressibility: true
  estimate_compressibility_threshold: 0.7
Parameter Type Default value Description
enabled bool false Flag to enable compression.
level string optimal Compression level. Available values are optimal, fastest, smallest_size.
exclude_content_types []string empty List of content-types to disable compression for. Content-type is taken from Content-Type object attribute. Each element can contain a star * as a first (last) character, which matches any prefix (suffix).
estimate_compressibility bool false If true, then noramalized compressibility estimation is used to decide compress data or not.
estimate_compressibility_threshold float 0.1 Normilized compressibility estimate threshold: data will compress if estimation if greater than this value.

blobstor subsection

Contains a list of substorages each with it's own type. Currently only 2 types are supported: fstree and blobovnicza.

blobstor:
  - type: fstree
    path: /path/to/blobstor/fstree
    perm: 0o654
    depth: 1
  - type: blobovnicza
    path: /path/to/blobstor/blobovnicza
    perm: 0o644
    size: 4194304
    depth: 1
    width: 4
    opened_cache_capacity: 50
    opened_cache_ttl: 5m
    opened_cache_exp_interval: 15s

Common options for sub-storages

Parameter Type Default value Description
path string "" Path to the root of the blobstor.
perm file mode 0660 Default permission for created files and directories.

fstree type options

Parameter Type Default value Description
path string "" Path to the root of the blobstor.
perm file mode 0660 Default permission for created files and directories.
depth int 4 File-system tree depth.
no_sync bool false Allows unsynchronized writes to pilorama. Warning: setting to true may lead to dataloss.

blobovnicza type options

Parameter Type Default value Description
path string "" Path to the root of the blobstor.
perm file mode 0660 Default permission for created files and directories.
size size 1 G Maximum size of a single blobovnicza
depth int 2 Blobovnicza tree depth.
width int 16 Blobovnicza tree width.
opened_cache_capacity int 16 Maximum number of simultaneously opened blobovniczas.
opened_cache_ttl duration 0 TTL in cache for opened blobovniczas(disabled by default). In case of heavy random-read and 10 shards each with 10_000 databases and accessing 400 objects per-second we will access each db approximately once per ((10 * 10_000 / 400) = 250 seconds <= 300 seconds = 5 min). Also take in mind that in this scenario they will probably be closed earlier because of the cache capacity, so bigger values are likely to be of no use.
opened_cache_exp_interval duration 15s Cache cleanup interval for expired blobovnicza's.
init_worker_count int 5 Maximum number of concurrent initialization workers.
rebuild_drop_timeout duration 10s Timeout before drop empty blobovnicza file during rebuild.
strict_placement bool false If true, limits the object search to its HRW-determined path only; otherwise, a full search is allowed. This should be disabled if width has changed, and remain disabled until a rebuild is performed with the target fill percentage set to 100%.

pilorama subsection

Parameter Type Default value Description
path string "" Path to the root of the blobstor.
perm file mode 0660 Default permission for created files and directories.
no_sync bool false Allows unsynchronized writes to pilorama. Warning: setting to true may lead to dataloss.
max_batch_delay duration 0 Maximum delay before a batch starts.
max_batch_size int 0 Maximum amount of write operations to perform in a single transaction.

gc subsection

Contains garbage-collection service configuration. It iterates over the blobstor and removes object the node no longer needs.

gc:
  remover_batch_size: 200
  remover_sleep_interval: 5m
  expired_collector_batch_size: 500
  expired_collector_worker_count: 5
Parameter Type Default value Description
remover_batch_size int 100 Amount of objects to grab in a single batch.
remover_sleep_interval duration 1m Time to sleep between iterations.
expired_collector_batch_size int 500 Max amount of expired objects to grab in a single batch.
expired_collector_worker_count int 5 Max amount of concurrent expired objects workers.
unsafe_disabled bool false Disable GC internal routines.

metabase subsection

metabase:
  path: /path/to/meta.db
  perm: 0o644
  max_batch_size: 200
  max_batch_delay: 20ms
Parameter Type Default value Description
path string "" Path to the metabase file.
perm file mode 0660 Permissions to set for the database file.
max_batch_size int 1000 Maximum amount of write operations to perform in a single transaction.
max_batch_delay duration 10ms Maximum delay before a batch starts.
no_sync bool false Allows unsynchronized writes to metabase. Currently unused.
page_size int 4K Size of memory pages used for storing data in BoltDB. Currently unused.

writecache subsection

writecache:
  enabled: true
  path: /path/to/writecache
  capacity: 4294967296
  max_object_size: 134217728
  flush_worker_count: 30
Parameter Type Default value Description
enabled bool false Flag to enable writecache.
path string "" Path to the metabase file.
capacity size 1G Approximate maximum size of the writecache. If the writecache is full, objects are written to the blobstor directly.
max_object_count int unrestricted Approximate maximum objects count in the writecache. If the writecache is full, objects are written to the blobstor directly.
max_object_size size 64M Maximum object size allowed to be stored in the writecache.
flush_worker_count int 20 Amount of background workers that move data from the writecache to the blobstor.
max_flushing_objects_size size 512M Max total size of background flushing objects.
no_sync bool false Allows unsynchronized writes to writecache. Warning: setting to true may lead to dataloss.

limits subsection

limits:
  enabled: true
  max_read_running_ops: 10000
  max_read_waiting_ops: 1000
  max_write_running_ops: 1000
  max_write_waiting_ops: 100
  read:
    - tag: internal
      weight: 20
      limit_ops: 0
      reserved_ops: 1000
    - tag: client
      weight: 70
      reserved_ops: 10000
    - tag: background
      weight: 5
      limit_ops: 10000
      reserved_ops: 0
    - tag: writecache
      weight: 5
      limit_ops: 25000
    - tag: policer
      weight: 5
      limit_ops: 25000
  write:
    - tag: internal
      weight: 200
      limit_ops: 0
      reserved_ops: 100
    - tag: client
      weight: 700
      reserved_ops: 1000
    - tag: background
      weight: 50
      limit_ops: 1000
      reserved_ops: 0
    - tag: writecache
      weight: 50
      limit_ops: 2500
    - tag: policer
      weight: 50
      limit_ops: 2500
Parameter Type Default value Description
enabled bool false If false, then shard limits are disabled.
max_read_running_ops int 0 The maximum number of runnig read operations. Zero value (0) means no limit.
max_read_waiting_ops int 0 The maximum number of waiting read operations. Zero value (0) means no limit.
max_write_running_ops int 0 The maximum number of running write operations. Zero value (0) means no limit.
max_write_waiting_ops int 0 The maximum number of running write operations. Zero value (0) means no limit.
read []tag empty Array of shard read settings for tags.
write []tag empty Array of shard write settings for tags.
tag.tag string empty Tag name. Allowed values: client, internal, background, writecache, policer.
tag.weight float 0 Weight for queries with the specified tag. Weights must be specified for all tags or not specified for any one. Zero value (0) means no weight
tag.limit_ops float 0 Operations per second rate limit for queries with the specified tag. Zero value (0) means no limit.
tag.reserved_ops float 0 Reserved operations per second rate for queries with the specified tag. Zero value (0) means no reserve.
tag.prohibited bool false If true, operations with this specified tag will be prohibited.

node section

node:
  wallet:
    path: /path/to/wallet.json
    address: NcpJzXcSDrh5CCizf4K9Ro6w4t59J5LKzz
    password: password
  addresses:
    - grpc://external.ip:8082
  attribute:
    - "Price:11"
    - "UN-LOCODE:RU MSK"
    - "key:value"
  persistent_sessions:
    path: /sessions
  persistent_state:
    path: /state
  locode_db_path: "/path/to/locode/db"
Parameter Type Default value Description
key string "" Path to the binary-encoded private key.
wallet Wallet config empty Wallet configuration. Has no effect if key is provided.
addresses []string empty Addresses advertised in the netmap.
attribute []string empty Node attributes as a list of key-value pairs in <key>:<value> format.
persistent_sessions Persistent sessions config empty Persistent session token store configuration.
persistent_state Persistent state config empty Persistent state configuration.
locode_db_path string "" Path to UN/LOCODE database for FrostFS.

wallet subsection

N3 wallet configuration.

Parameter Type Default value Description
path string "" Path to the wallet file.
address string "" Wallet address to use.
password string "" Password to open the wallet.

persistent_sessions subsection

Contains persistent session token store configuration. By default sessions do not persist between restarts.

Parameter Type Default value Description
path string "" Path to the database.

persistent_state subsection

Configures persistent storage for auxiliary information, such as last seen block height. It is used to correctly handle node restarts or crashes.

Parameter Type Default value Description
path string .frostfs-storage-state Path to the database.

apiclient section

Configuration for the FrostFS API client used for communication with other FrostFS nodes.

apiclient:
  dial_timeout: 15s
  stream_timeout: 20s
  reconnect_timeout: 30s
| Parameter | Type | Default value | Description | | ----------------- | -------- | ------------- | --------------------------------------------------------------------- | | dial_timeout | duration | 5s | Timeout for dialing connections to other storage or inner ring nodes. | | stream_timeout | duration | 15s | Timeout for individual operations in a streaming RPC. | | allow_external | bool | false | Allows to fallback to addresses in ExternalAddr attribute. | | reconnect_timeout | duration | 30s | Time to wait before reconnecting to a failed node. |

policer section

Configuration for the Policer service. It ensures that object is stored according to the intended policy.

policer:
  head_timeout: 15s
  retry_policy:
    enabled: true
    max_attempts: 5
    initial_backoff: 0.1s
    max_backoff: 1s
    backoff_multiplier: 2
  retry_throttling:
    enabled: true
    max_tokens: 100
    token_ratio: 1
    token_decrement: 7
Parameter Type Default value Description
head_timeout duration 5s Timeout for performing the HEAD operation.
unsafe_disable bool false Disables policer. Warning: setting to true disables background replication and may lead to dataloss.
retry_policy.enabled bool false Enables retries when retriable error received.
retry_policy.initial_backoff duration 100ms The initial retry attempt will occur after initial_backoff * random(0.8, 1.2). The next attempt will occur at min(initial_backoff*backoff_multiplier**(n-1), max_backoff) * random(0.8, 1.2).
retry_policy.max_attempts int 5 Maximum number of attempts when getting retryable error by client.
retry_policy.max_backoff duration 1s Maximum delay between retries.
retry_policy.backoff_multiplier int 2 Backoff multiplier.
retry_throttling.enabled bool false Enables throttling for the retries. Throttling disables retries once the number of failed calls raises the threshold - internal variable token should be less than max_tokens/2.
retry_throttling.max_tokens int 100 Initial value for the internal variable token which maintained by client.
retry_throttling.token_ratio int 1 Every successful rpc increment value of token by token_ratio.
retry_throttling.token_decrement int 10 Every failed rpc decrement value of token by token_decrement.

replicator section

Configuration for the Replicator service.

replicator:
  put_timeout: 15s
  pool_size: 10
Parameter Type Default value Description
put_timeout duration 5s Timeout for performing the PUT operation.
pool_size int 10 Maximum amount of concurrent replications.

object section

Contains object-service related parameters.

object:
  get:
    priority:
      - $attribute:ClusterName
Parameter Type Default value Description
delete.tombstone_lifetime int 5 Tombstone lifetime for removed objects in epochs.
put.skip_session_token_issuer_verification bool false Skip session token issuer verification if true.
get.priority []string empty List of metrics of nodes for prioritization. Used for computing response on GET requests.

container section

Contains container-service related parameters.

container:
  list_stream:
    batch_size: 500
Parameter Type Default value Description
list_stream.batch_size int 1000 Maximum number of containers to send via stream at once.

tree section

tree:
  enabled: true
  cache_size: 15
  replication_worker_count: 32
  replication_channel_capacity: 32
  replication_timeout: 5s
  sync_interval: 1h
  sync_batch_size: 2000
  sync_worker_count: 15
  wait_sync_complete_on_startup: true
  authorized_keys:
    - 0397d207ea77909f7d66fa6f36d08daae22ace672be7ea4f53513484dde8a142a0
    - 02053819235c20d784132deba10bb3061629e3a5c819a039ef091841d9d35dad56
Parameter Type Default value Description
enabled bool false Flag to enable Tree Service.
cache_size int 0 Number of cached container nodes by ID. It is used to skip GetContainerNodes invocation if neither netmap nor container has changed.
replication_worker_count int 0 Number of concurrent replication workers.
replication_channel_capacity int 0 Number of allowed concurrent replication operations.
replication_timeout duration 0 Timeout of replication task on endpoint.
sync_interval duration 0 Time interval between tree synchronisations. Synchronisation happens on new epoch if sync_interval is not specified.
sync_batch_size int 1000 Number of operations to be replicated at once on tree synchronisation.
sync_worker_count int 20 Number of concurrent workers for container synchronisation.
unsafe_sync_disabled bool false Disables tree synchronisation according to netmap information.
wait_sync_complete_on_startup bool false If true, then tree service will return error until initial sync completed.
authorized_keys []string empty List of public keys which are used to authorize requests to the Tree Service.

rpc section

Contains limits on the number of active RPC for specified method(s).

rpc:
  limits:
    - methods:
      - /frost.fs.object.ObjectService/PutSingle
      - /frost.fs.object.ObjectService/Put
      max_ops: 1000
      tags:
      - tag: "policer"
        limit_ops: 100
      - tag: "client"
        limit_ops: 600
    - methods:
      - /frost.fs.object.ObjectService/Get
      max_ops: 10000
Parameter Type Default value Description
limits.max_ops int 0 Maximum number of active RPC allowed for the given method(s)
limits.methods []string empty List of RPC methods sharing the given limit
limits.tags []tag empty Array of limit settings for tags.
tag.tag string empty Tag name which should be limited.
tag.limit_ops int64 0 Maximum number of active RPC allowed for the given tag.

runtime section

Contains runtime parameters.

runtime:
  soft_memory_limit: 1GB
Parameter Type Default value Description
soft_memory_limit size 0 Soft memory limit for the runtime. Zero or no value stands for no limit. If GOMEMLIMIT environment variable is set, the value from the configuration file will be ignored.

audit section

Contains audit parameters.

audit:
  enabled: true
Parameter Type Default value Description
enabled bool false Flag to enable data audit. If true then audit event logs will be recorded.

multinet section

Contains multinet parameters.

multinet:
  enabled: true
  subnets:
    - mask: 192.168.219.174/24
      source_ips:
        - 192.168.218.185
        - 192.168.219.185
    - mask: 10.78.70.74/24
      source_ips:
        - 10.78.70.185
        - 10.78.71.185
  balancer: roundrobin
  restrict: false
  fallback_delay: 350ms
Parameter Type Default value Description
enabled bool false Flag to enable multinet. If true then source-based routing is enabled.
subnets subnet empty Resulting subnets.
balancer string "" Balancer to select network interfaces, allowed values are "" (no balancing, use first suitable interface) or "roundrobin".
restrict bool false If true then any requests that do not match subnets will fail.
fallback_delay duration 350ms Delay before fallback to secondary IP addresses in case of hostname resolve.

qos section

qos:
  critical:
    authorized_keys:
      - 035839e45d472a3b7769a2a1bd7d54c4ccd4943c3b40f547870e83a8fcbfb3ce11
      - 028f42cfcb74499d7b15b35d9bff260a1c8d27de4f446a627406a382d8961486d6
  internal:
    authorized_keys:
      - 035839e45d472a3b7769a2a1bd7d54c4ccd4943c3b40f547870e83a8fcbfb3ce11
      - 028f42cfcb74499d7b15b35d9bff260a1c8d27de4f446a627406a382d8961486d6
| Parameter | Type | Default value | Description | | -------------------------- | -------------- | ------------- | --------------------------------------------------------------------------- | | critical.authorized_keys | []public key | empty | List of public keys for which requests with the tag critical are allowed. | | internal.authorized_keys | []public key | empty | List of public keys for which requests with the tag internal are allowed. |

tracing section

tracing:
  enabled: true
  exporter: "otlp_grpc"
  endpoint: "localhost"
  trusted_ca: `""`
  attributes:
    - key: key0
      value: value
    - key: key1
      value: value
| Parameter | Type | Default value | Description | | -------------------------- | ---------------- | ------------- | ------------------------------------------------------------------------------------------- | | enabled | bool | false | Flag to enable tracing. | | exporter | string | "" | Export format for traces. Possible values are otlp_grpc, stdout, noop | | endpoint | string | "" | Address that service listener binds to. | | trusted_ca | string | "" | Path to a file containing trusted Certificate Authority (CA) certificates. | | attributes | []string | empty | Trcing attributes as a list of key-value pairs. |

systemdnotify section

Contains systemd service notifications configuration.

systemdnotify:
  enabled: true
| Parameter | Type | Default value | Description | | --------- | ------ | ------------- | ------------------------------------------------------------------------------------------------------- | | enabled | bool | false | Flag to enable service status in systemd. If true then service notifications to systemd will be sent. |