jesus/provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
provisioning/schemas/platform/templates/configs/orchestrator-config.toml.ncl

245 lines
5.8 KiB
Plaintext
Raw Normal View History

chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/
2026-01-08 09:55:37 +00:00
# Orchestrator Service Configuration - TOML Export
# Generates TOML configuration for Orchestrator service
# Supports 4 deployment modes: solo, multiuser, cicd, enterprise
#
# Usage:
# nickel export --format toml orchestrator-config.toml.ncl > orchestrator.toml
# ORCHESTRATOR_MODE=solo nickel export --format toml orchestrator-config.toml.ncl > orchestrator.solo.toml
{
# Workspace Configuration
workspace = {
name = "default",
path = "/var/lib/provisioning/orchestrator",
enabled = true,
multi_workspace = false,
},
# Server Configuration
server = {
host = "0.0.0.0",
port = 9090,
workers = 4,
keep_alive = 75,
max_connections = 512,
},
# Storage Backend Configuration
storage = {
# Mode-specific overrides:
# - solo: "filesystem"
# - multiuser: "surrealdb_server"
# - cicd: "filesystem" (ephemeral)
# - enterprise: "surrealdb_cluster"
backend = "filesystem",
# Filesystem storage (solo, cicd modes)
path = "/var/lib/provisioning/orchestrator/data",
# SurrealDB connection (multiuser, enterprise modes)
# surrealdb_url = "surrealdb://localhost:8000",
# surrealdb_namespace = "provisioning",
# surrealdb_database = "orchestrator",
},
# Queue/Task Processing Configuration
queue = {
# Maximum concurrent tasks running simultaneously
# Constraints: min=1, max=100
max_concurrent_tasks = 5,
# Retry strategy for failed tasks
retry_attempts = 3,
retry_delay = 5000, # milliseconds
# Task execution timeout
task_timeout = 3600000, # milliseconds (1 hour)
# Task deadletter queue configuration
deadletter_queue = {
enabled = true,
max_messages = 1000,
retention_period = 86400, # seconds (24 hours)
},
# Task priority levels
priority_levels = ["low", "normal", "high"],
default_priority = "normal",
},
# Batch Workflow Configuration
batch = {
# Maximum parallel operations within a batch
# Constraints: min=1, max=50
parallel_limit = 5,
# Operation execution timeout
operation_timeout = 1800000, # milliseconds (30 minutes)
# Batch checkpoint strategy
checkpoint = {
enabled = true,
interval = 100, # Save checkpoint every N operations
auto_cleanup = true,
max_checkpoints = 10,
},
# Rollback strategy
rollback = {
strategy = "automatic", # "automatic" or "manual"
retain_logs = true,
},
},
# Monitoring and Observability
monitoring = {
enabled = true,
# Metrics collection
metrics = {
enabled = true,
interval = 30, # seconds
export_format = "prometheus",
},
# Health check configuration
health_check = {
enabled = true,
interval = 30, # seconds
timeout = 10, # seconds
},
# Resource monitoring
resources = {
track_cpu = true,
track_memory = true,
track_disk = true,
alert_threshold_cpu = 90, # percent
alert_threshold_memory = 85, # percent
alert_threshold_disk = 90, # percent
},
# Performance profiling
profiling = {
enabled = false,
sample_rate = 0.1, # 10% of requests
},
},
# Logging Configuration
logging = {
# Log level: trace, debug, info, warn, error
level = "info",
# Log format: json, text
format = "json",
# Log output destinations
outputs = [
{
destination = "stdout",
level = "info",
},
{
destination = "file",
path = "/var/log/provisioning/orchestrator/orchestrator.log",
level = "debug",
rotation = {
max_size = "100MB",
max_backups = 10,
max_age = 30, # days
},
},
],
# Structured logging fields
include_fields = [
"timestamp",
"level",
"message",
"task_id",
"workflow_id",
"duration",
"status",
],
},
# Security Configuration
security = {
# Authentication
auth = {
enabled = true,
method = "jwt",
jwt_secret = "${JWT_SECRET}",
jwt_issuer = "provisioning.local",
jwt_audience = "orchestrator",
token_expiration = 3600, # seconds (1 hour)
},
# CORS configuration
cors = {
enabled = true,
allowed_origins = ["https://control-center:8080"],
allowed_methods = ["GET", "POST", "PUT", "DELETE"],
allowed_headers = ["Content-Type", "Authorization"],
expose_headers = ["X-Request-ID"],
},
# TLS/SSL configuration
tls = {
enabled = false, # Typically behind reverse proxy
cert_path = "/etc/provisioning/certs/cert.pem",
key_path = "/etc/provisioning/certs/key.pem",
min_version = "TLSv1.2",
},
# Rate limiting
rate_limit = {
enabled = true,
requests_per_second = 1000,
burst_size = 100,
},
},
# Extension Management
extensions = {
# Auto-load extensions from OCI registry
auto_load = false,
oci_registry_url = "registry.example.com",
oci_namespace = "provisioning/extensions",
# Refresh interval for extension updates (hours)
refresh_interval = 24,
# Maximum concurrent extension initializations
max_concurrent_init = 5,
},
# Database Connection Pool (for non-filesystem storage)
database = {
# Connection pool settings
pool = {
min_size = 5,
max_size = 20,
connection_timeout = 30, # seconds
idle_timeout = 300, # seconds
max_lifetime = 1800, # seconds
},
# Retry strategy
retry = {
max_attempts = 3,
initial_backoff = 100, # milliseconds
max_backoff = 30000, # milliseconds
},
},
# Feature Flags
features = {
enable_audit_logging = true,
enable_task_history = true,
enable_performance_tracking = true,
enable_experimental_features = false,
},
}
Reference in New Issue Copy Permalink