mirror of
https://github.com/status-im/consul.git
synced 2025-01-09 21:35:52 +00:00
85c1a33c42
Co-authored-by: Ashlee Boyer <ashlee.boyer@hashicorp.com> Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com> Co-authored-by: Tu Nguyen <im2nguyen@gmail.com> Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com> Co-authored-by: Kevin Wang <kwangsan@gmail.com>
94 lines
4.8 KiB
Plaintext
94 lines
4.8 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Configuration
|
|
description: >-
|
|
The agent has various configuration options that can be specified via the
|
|
command-line or via configuration files. All of the configuration options are
|
|
completely optional. Defaults are specified with their descriptions.
|
|
---
|
|
|
|
# Configuration
|
|
|
|
The agent has various configuration options that can be specified via
|
|
the command-line or via configuration files. All of the configuration
|
|
options are completely optional. Defaults are specified with their
|
|
descriptions.
|
|
|
|
Configuration precedence is evaluated in the following order:
|
|
|
|
1. [Command line arguments](/docs/agent/config/cli-flags)
|
|
2. [Configuration files](/docs/agent/config/config-files)
|
|
|
|
When loading configuration, the Consul agent loads the configuration from files and
|
|
directories in lexical order. For example, configuration file
|
|
`basic_config.json` will be processed before `extra_config.json`. Configuration
|
|
can be in either [HCL](https://github.com/hashicorp/hcl#syntax) or JSON format.
|
|
Available in Consul 1.0 and later, the HCL support now requires an `.hcl` or
|
|
`.json` extension on all configuration files in order to specify their format.
|
|
|
|
Configuration specified later will be merged into configuration specified
|
|
earlier. In most cases, "merge" means that the later version will override the
|
|
earlier. In some cases, such as event handlers, merging appends the handlers to
|
|
the existing configuration. The exact merging behavior is specified for each
|
|
option below.
|
|
|
|
The Consul agent also supports reloading configuration when it receives the
|
|
SIGHUP signal. Not all changes are respected, but those that are
|
|
documented below in the
|
|
[Reloadable Configuration](#reloadable-configuration) section. The
|
|
[reload command](/commands/reload) can also be used to trigger a
|
|
configuration reload.
|
|
|
|
You can test the following configuration options by following the
|
|
[Getting Started](https://learn.hashicorp.com/tutorials/consul/get-started-install?utm_source=docs)
|
|
tutorials to install a local agent.
|
|
|
|
## Ports Used
|
|
|
|
Consul requires up to 6 different ports to work properly, some on
|
|
TCP, UDP, or both protocols.
|
|
|
|
Review the [required ports](/docs/install/ports) table for a list of
|
|
required ports and their default settings.
|
|
|
|
## Reloadable Configuration
|
|
|
|
Reloading configuration does not reload all configuration items. The
|
|
items which are reloaded include:
|
|
|
|
- ACL Tokens
|
|
- [Configuration Entry Bootstrap](/docs/agent/config/config-files#config_entries_bootstrap)
|
|
- Checks
|
|
- [Discard Check Output](/docs/agent/config/config-files#discard_check_output)
|
|
- HTTP Client Address
|
|
- Log level
|
|
- [Metric Prefix Filter](/docs/agent/config/config-files#telemetry-prefix_filter)
|
|
- [Node Metadata](/docs/agent/config/config-files#node_meta)
|
|
- Some Raft options (since Consul 1.10.0)
|
|
- [`raft_snapshot_threshold`](/docs/agent/config/config-files#_raft_snapshot_threshold)
|
|
- [`raft_snapshot_interval`](/docs/agent/config/config-files#_raft_snapshot_interval)
|
|
- [`raft_trailing_logs`](/docs/agent/config/config-files#_raft_trailing_logs)
|
|
- These can be important in certain outage situations so being able to control
|
|
them without a restart provides a recovery path that doesn't involve
|
|
downtime. They generally shouldn't be changed otherwise.
|
|
- [RPC rate limiting](/docs/agent/config/config-files#limits)
|
|
- [HTTP Maximum Connections per Client](/docs/agent/config/config-files#http_max_conns_per_client)
|
|
- Services
|
|
- TLS Configuration
|
|
- Please be aware that this is currently limited to reload a configuration that is already TLS enabled. You cannot enable or disable TLS only with reloading.
|
|
- To avoid a potential security issue, the following TLS configuration parameters do not automatically reload when [-auto-reload-config](/docs/agent/config/cli-flags#_auto_reload_config) is enabled:
|
|
- [encrypt_verify_incoming](/docs/agent/config/config-files#encrypt_verify_incoming)
|
|
- [verify_incoming](/docs/agent/config/config-files#verify_incoming)
|
|
- [verify_incoming_rpc](/docs/agent/config/config-files#verify_incoming_rpc)
|
|
- [verify_incoming_https](/docs/agent/config/config-files#verify_incoming_https)
|
|
- [verify_outgoing](/docs/agent/config/config-files#verify_outgoing)
|
|
- [verify_server_hostname](/docs/agent/config/config-files#verify_server_hostname)
|
|
- [ca_file](/docs/agent/config/config-files#ca_file)
|
|
- [ca_path](/docs/agent/config/config-files#ca_path)
|
|
|
|
If any of those configurations are changed while [-auto-reload-config](/docs/agent/config/cli-flags#_auto_reload_config) is enabled,
|
|
Consul will issue the following warning, `Static Runtime config has changed and need a manual config reload to be applied`.
|
|
You must manually issue the `consul reload` command or send a `SIGHUP` to the Consul process to reload the new values.
|
|
- Watches
|
|
- [License](/docs/enterprise/license/overview)
|