forked from couchbase/kv_engine
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmemcached.json.4.txt
416 lines (301 loc) · 14.4 KB
/
memcached.json.4.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
= memcached.json(4)
:doctype: manpage
Trond Norbye <[email protected]>
== NAME
memcached.json - memcached configuration file
== DESCRIPTION
*memcached.json* is a JSON encoded file specifying the properties
used to configure the memcached server. Some of the parameters
may be changed at runtime by instructing memcached to reread the
configuration file. These properties is explicitly marked as
such.
The following sections describes the various attributes that may
be specified.
=== root
This is the root directory of the Couchbase server installation.
=== breakpad
The *breakpad* attribute is used to configure the Breakpad crash
catcher. When enabled (and on a supported platform), if memcached
crashes a minidump containing information on the state of memcached
will be written to disk.
It is an object with the following attributes:
enabled A boolean value specifying if Breakpad is enabled.
If true (and *minidump_dir* is set) minidumps will
be output to directory specified by *minidump_dir*.
If not specified then defaults to false.
minidump_dir A string value specifying the directory to write any
outputted minidumps to. If not specified then
Breakpad is not enabled.
content A string value specifying what data will be included
in generated minidumps. Currently the only permitted
value is "default".
*enabled*, *minidump_dir* and *content* may be modified at runtime by
instructing memcached to reread the configuration file.
=== audit_file
Specify the filename containing all of the Audit configurations
=== rbac_file
Specify the filename containing the RBAC database.
=== privilege_debug
The *privilege_debug* attribute is a boolean value that may be set
(in development) to make all missing privilege calls return success
(and the missing privilege is logged). See docs/rbac.md for more
information.
=== ssl_cipher_list
Specify the list of ciphers to use. The format of the string is
described in ciphers ( https://www.openssl.org/docs/apps/ciphers.html
). By default no value is specified causing whatever openssl defaults
to to be enabled. Some values may be:
HIGH Only enable "high" encrypthion ciphers (keys > 128
bits)
MEDIUM In addition to the high encryption ciphers, also
allow 128 bit encryption
=== ssl_minimum_protocol
Specify the minimum protocol allowed for ssl. The default disables
SSLv2 and SSLv3 and allows for TLSv1, TLSv1.1 and TLSv1.2. The
string is case insensitive, and the following values may be used:
TLSv1 Allow TLSv1, TLSv1.1 and TLSv1.2
TLSv1.1/TLSv1_1 Allow TLSv1.1 and TLSv1.2
TLSv1.2/TLSv1_2 Allow TLSv1.2
=== threads
The *threads* attribute specify the number of threads used to serve
clients. By default this number is set to 75% of the number of cores
available on the system (but no less than 4). The value for threads
should be specified as an integral number.
=== interfaces
The *interfaces* attribute is used to specify an array of interfaces
memcached should listen at. Each entry in the interfaces array is an
object describing a single interface with the following properties:
host A string value specifying the hostname to bind to.
If the attribute is missing (or set to "*")
IN_ADDR_ANY is used.
port An integral number specifying the port number
IPv4 A boolean value specifying if IPv4 should be enabled
or not. By default IPv4 is enabled.
IPv6 A boolean value specifying if IPv6 should be enabled
or not. By default IPv6 is enabled.
maxconn An integral number specifying the maximum number of
concurrent clients that may be connected.
backlog An integral number specifying the backlog size
set to listen.
tcp_nodelay A boolean value if TCP_NODELAY should be set or not.
By default tcp_nodelay is enabled.
ssl An object specifying SSL related properties.
See below.
management A boolean value if this interface is used by the
management system.
protocol A string value specifying the protocol enabled
for this port. If not present the memcached binary
protocol is used. Legal values: "memcached"
The *ssl* object contains the two *mandatory* attributes:
key A string value with the absolute path to the
file containing the private key to use.
cert A string value with the absolute path to the
file containing the X.509 certificate to use.
*maxconn*, *backlog*, *tcp_nodelay*, *ssl.key* and *ssl.cert* may
be modified by instructing memcached to reread the configuration
file.
=== extensions
The *extensions* attribute is deprecated and no longer in use
=== stdin_listener
The *stdin_listener* attribute is a boolean attribute set to true
if the standard input listener should be used or not.
=== engine
The *engine* parameter is no longer used and ignored.
=== default_reqs_per_event
The *default_reqs_per_event* attribute is an integral value specifying
the number of request that may be served per client before serving
the next client (to avoid starvation). The default value is 20.
*default_reqs_per_event* may be updated by instructing memcached to
reread the configuration file.
=== reqs_per_event_high_priority
The *reqs_per_event_high_priority* attribute is an integral value
specifying the number of request that may be served per high priority
client before serving the next client (to avoid starvation). The
default value is 20.
*reqs_per_event_high_priority* may be updated by instructing memcached
to reread the configuration file.
=== reqs_per_event_med_priority
The *reqs_per_event_med_priority* attribute is an integral value
specifying the number of request that may be served per medium priority
client before serving the next client (to avoid starvation). The
default value is 20.
*reqs_per_event_med_priority* may be updated by instructing memcached
to reread the configuration file.
=== reqs_per_event_low_priority
The *reqs_per_event_low_priority* attribute is an integral value
specifying the number of request that may be served per low priority
client before serving the next client (to avoid starvation). The
default value is 20.
*reqs_per_event_low_priority* may be updated by instructing memcached
to reread the configuration file.
=== bio_drain_buffer_sz
The *bio_drain_buffer_sz* attribute is an integral value specifying
the number of bytes in the BIO drain buffer. This is an interal
setting just used by the engineers for testing.
=== verbosity
The *verbosity* attribute is an integral value specifying the amount
of output produced by the memcached server. By default this value is
set to 0 resulting in only warnings to be emitted. Setting this
value too high will produce a lot of output which is most likely
meaningless for most people.
*verbosity* may be updated by instructing memcached to reread
the configuration file.
=== connection_idle_time
The *connection_idle_time* attribute is an integral value specifying the
number of seconds a connection may be idle until the server will disconnect.
By default the connection idle time is set to 5 minutes.
*connection_idle_time* may be updated by instructing memcached to reread the
configuration file.
=== datatype_json
The *datatype_json* attribute is a boolean value to enable the support
for using the datatype JSON extension. By default this support is *enabled*.
=== datatype_snappy
The *datatype_snappy* attribute is a boolean value to enable the support
for using the datatype snappy extension. By default this support is
*enabled*.
=== max_packet_size
The *max_packet_size* attribute is an integer value that specify the
maximum packet size (in MB) allowed to be received from clients without
disconnecting them. This is a safetynet for avoiding the server to
try to spool up a 4GB packet. When a packet is received on the
network with a body bigger than this threshold EINVAL is returned
to the client and the client is disconnected.
=== saslauthd_socketpath
The *saslauthd_socketpath* attribute is a string value containing
the path to the socket file used by saslauthd. If not specified
the value */var/run/saslauthd/mux* is used.
=== sasl_mechanisms
the *sasl_mechanisms* attribute is a string value containing the SASL
mechanisms that should be available for clients. It is not a dynamic
value and require restart in order to change.
=== ssl_sasl_mechanisms
the *ssl_sasl_mechanisms* attribute is a string value containing the SASL
mechanisms that should be available for clients connecting over SSL.
It is not a dynamic value and require restart in order to change.
By default this value is set to PLAIN (the default value may be cleared
by setting the environment variable `COUCHBASE_I_DONT_TRUST_SSL` to a
non-null value.
=== client_cert_auth
The client_cert_auth object is used to enable client certificate
authentication and control how the username is extracted from the client
certificate. It contains the following attributes.
*state*. Possible values for this paramters can be disabled,
enabled or mandatory. When enabled, if the server will request a
certificate from the client but if the certificate cannot be verified
it will stil allow the connection. In mandatory mode, the client connection
is dropped if the client certificate cannot be verified.
The path attribute specifies the field which will be used to extract the
username from the certificate and map that to user defined in Couchbase.
Currently only subject.cn, san.uri, san.email and san.dnsname are allowed.
This attribute is optional, however if defined, then the provided client
certificates must contain the fields which is used for the mapping,
*and the user must* be defined in Couchbase for the connection to be
established.
The prefix attribute specifices the prefix value to be ignored while
extracting the username from the certificate.
The delimiter attribute can be a string of characters and the parsing
of the username ends when one of the characters in the string is found.
=== dedupe_nmvb_maps
The *dedupe_nmvb_maps* attribute is a boolean value to enable deduplication
of the cluster maps in the "Not My VBucket" response messages sent to
the clients. By default this value is set to false.
=== error_maps_dir
A directory containing one or more JSON-formatted error maps. The error maps
are returned to the client using the GET_ERROR_MAP protocol command.
Multiple error maps correspond to multiple versions.
The format of the error map itself is described in `docs/ErrorMap.md`
=== xattr_enabled
The *xattrs_enabled* attribute is a boolean value to enable or disable
the use of extended attributes on documents. It may be overridden by
privileged connections to allow them to set up replication streams
before users create them.
=== tracing_enabled
The *tracing_enabled* attribute is a boolean value to enable or disable
retrieving tracedata from the server. If enabled, the time the request
took on the server will be sent back as a part of the response.
=== opcode-attributes-override
The *opcode-attributes-override* attribute is an object which follows
the syntax outlined in etc/couchbase/kv/opcode-attributes.d/README.md
=== topkeys_enabled
The *topkeys_enabled* attribute is a boolean value to enable or disable
collection of information about the most frequently used keys. If not
specified its value is set to true.
=== logger
The *logger* attribute is used to specify properties for the logger
used by memcached. It is an object with the following properties:
filename The prefix of the files to use for logging. The
logger appends: nnnnnn.txt to the prefix specified
where nnnnnn is replaced with a sequence number.
If no filename is specified, no files will be written.
buffersize The buffers used by the logger to buffer data before
dumping to disk. This property is only used when
filename is present.
cyclesize The number of bytes to write to a file before starting
a new one.
sleeptime The number of seconds to allow buffering before flushing
to disk.
unit_test Boolean variable set to true when used for unit tests
console Boolean variable (defaults to true) if log messages
should be sent to standard error as well.
== EXAMPLES
A Sample memcached.json:
{
"root" : "/opt/couchbase",
"breakpad" :
{
"enabled" : true,
"minidump_dir" : "/opt/couchbase/var/crash",
"content" : "default"
},
"audit_file" : "/opt/couchbase/etc/security/audit.json",
"rbac_file" : "/opt/couchbase/etc/security/rbac.json",
"privilege_debug" : false,
"error_maps_dir": "/opt/couchbase/etc/error_maps",
"ssl_cipher_list" : "HIGH",
"threads" : 4,
"interfaces" :
[
{
"host" : "*",
"port" : 11209,
"IPv4" : true,
"IPv6" : true,
"maxconn" : 10000,
"backlog" : 1024,
"tcp_nodelay" : true,
"ssl" :
{
"key" : "/etc/memcached/pkey",
"cert" : "/etc/memcached/cert"
},
"protocol" : "memcached"
}
],
"stdin_listener" : false,
"engine" : {
"module" : "bucket_engine.so",
"config" : "admin=_admin;default_bucket_name=default;auto_create=false"
},
"default_reqs_per_event" : 20,
"reqs_per_event_high_priority" : 40,
"reqs_per_event_med_priority" : 20,
"reqs_per_event_low_priority" : 10,
"verbosity" : 2,
"datatype_json" : true,
"datatype_snappy" : true,
"max_packet_size" : 25,
"bio_drain_buffer_sz" : 8192,
"sasl_mechanisms" : "SCRAM-SHA512 SCRAM-SHA256 SCRAM-SHA1",
"saslauthd_socketpath" : "/var/run/saslauthd/mux",
"dedupe_nmvb_maps" : true,
"xattr_enabled" : true,
"tracing_enabled" : true,
"opcode-attributes-override": {
"version": 1,
"get": {
"slow": 200
}
}
}
== COPYRIGHT
Copyright 2016 Couchbase, Inc.