digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-11-10 10:46:11 +03:00
Code Issues Projects Releases Wiki Activity
6d27505010
daml/ledger/sandbox-on-x/reference.conf

599 lines
25 KiB
Plaintext
Raw Blame History

######################################
# Sandbox-on-X Reference Config File #
######################################
# Notes:
# Commented out sections or fields are optional.
# Some values choosen here as defaults are no intended to be production ready.
ledger {
# The ID of the ledger. This must be the same each time the ledger is started.
ledger-id = default-ledger-id
metrics {
# Enables metrics to be reported via defined `reporter`.
enabled = false
# Defines a reporter of metrics of a different type with its parameters.
# Options:
# console
# Prints captured metrics to standard output.
# csv://</path/to/metrics.csv>
# Saves the captured metrics in CSV format at the specified location.
# graphite://HOST[:PORT][/METRIC_PREFIX]
# Sends captured metrics to a Graphite server. If the port is omitted, the default
# value ``2003`` will be used. A ``metric_prefix`` can be specified, causing
# all metrics to be reported with the specified prefix.
# prometheus://HOST[:PORT]
# renders captured metrics on an HTTP endpoint in accordance with the prometheus protocol. If the port
# is omitted, the default value ``55001`` will be used. The metrics will be
# available under the address ``http://<server_host>:<server_port>/metrics``.
reporter = console
# Metrics are pre-aggregated and sent to the reporter, this option allows the user
# to set the interval.
reporting-interval = 10 seconds
# Defines the type of registry being created for each Participant configuration.
# Options: jvm-shared, new
registry-type = jvm-shared
}
engine {
# The Engine configurations describes the versions of language and
# transaction the engine is allowed to read and write together with
# engine debugging feature.
# The range of language versions the engine is allowed to load.
# The engine will crash if it asked to load a language version
# that is not included in this range.
# Options: legacy, stable, early-access, daml-lf-dev-mode-unsafe
allowed-language-versions = stable
# Defines the behavior of the Daml engine when it encounters submissions with duplicate contract keys.
# Options:
# strict
# The Daml engine rejects submissions with duplicate contract keys. This is the default option.
# off
# Key uniqueness checks are disabled.
contract-key-uniqueness = strict
# Disables supports for legacy contract IDs.
forbid-v-0-contract-id = true
# This section configures limits to be enforced by the Daml engine
# when executing a Daml command.
limits {
# The maximum number of choice controllers allowed for Daml contracts.
choice-controllers = 2147483647
# The maximum number of choice observers allowed for Daml contracts.
choice-observers = 2147483647
# The maximum number of contract observers allowed for Daml contracts.
contract-observers = 2147483647
# The maximum number of contract signatories allowed for Daml contracts.
contract-signatories = 2147483647
# The maximum number of input contracts allowed for a Daml transaction.
transaction-input-contracts = 2147483647
}
# Enables package validation for loaded packages.
package-validation = true
# Since August 2018 we expect new ledgers to suffix CIDs before committing
# a transaction. This option should be disable for backward compatibility in ledger
# that do not (i.e. Sandboxes, KV, Corda).
require-suffixed-global-contract-id = false
# The optional specifies the directory where to save the output of the Daml
# scenario profiler. The profiler is disabled if the option is empty.
# profile-dir = null
# The flag enables the runtime support for stack traces.
stack-trace-mode = false
}
data-source {
# This section defines data source configuration as JDBC url for each
# participant instance defined by participant-id. Defined as `participant-0` here.
participant-0 = "jdbc:h2:mem:participant-0"
}
participants {
# This section defines participant configuration for each
# participant instance defined by participant-id. Defined as `participant-0` here.
participant-0 {
# An override of `participant-id` as defined by the configuration key above.
# Useful to define participant-id using environment variable.
# participant-id-override = participant-override-0
api-server {
# The duration during which stream shutdown is still considered to be graceful.
# or
# The duration after which stream shutdown is no longer considered to be graceful.
api-stream-shutdown-timeout = 5 seconds
command {
# Maximum number of commands waiting to be submitted for each distinct set of parties,
# as specified by the `act_as` property of the command. Reaching this limit will cause the
# server to signal backpressure using the ``RESOURCE_EXHAUSTED`` gRPC status code.
input-buffer-size = 512
# Maximum number of submitted commands waiting to be completed in parallel, for each
# distinct set of parties, as specified by the `act_as` property of the command. Reaching
# this limit will cause new submissions to wait in the queue before being submitted.
max-commands-in-flight = 256
# The duration after the last interaction that the command service will keep an active command
# tracker for a given set of parties. A longer period cuts down on the tracker instantiation
# cost for a party that seldom acts. A shorter period causes a quick removal of unused trackers.
tracker-retention-period = 5 minutes
}
# The timeout for looking up the current ledger configuration. The ledger API server will still start
# but services dependent on the configuration will return an error.
configuration-load-timeout = 10 seconds
initial-ledger-configuration {
# Instructions on how to initialize an empty ledger, without a configuration.
# A configuration is only submitted if one is not detected on the ledger
# and the flag is set to `true`
enabled = true
# The expected average latency of a transaction, i.e., the average time from submitting
# the transaction to a write service and the transaction being assigned a record time.
avg-transaction-latency = 0 seconds
# The delay until the participant tries to submit a configuration.
delay-before-submitting = 0 seconds
# The maximum time window during which commands can be deduplicated.
max-deduplication-duration = 60 minutes
# The maximum skew between ledger time and record time: lt_TX <= rt_TX + maxSkew
max-skew = 30 seconds
# The minimimum skew between ledger time and record time: lt_TX >= rt_TX - minSkew
min-skew = 30 seconds
}
# The timeout for the synchornous interaction with package and party management services.
management-service-timeout = 2 minutes
# Max inbound message size in bytes.
# You can use this parameter to increase (or decrease) the maximum size of a
# GRPC message. Often, DARs or transactions can become larger than the default
# of 4194304 bytes (4 MB). Increasing this will allow for larger transactions,
# at the expense of processing time.
max-inbound-message-size = 67108864 #64 * 1024 * 1024
# An address to bind a network interface to. Can be set to an ip or hostname.
address = localhost
# Port to bind a network interface to. Can be set to the 0 as port number to get random available port.
port = 6865
# Location of the temporary `portfile` where port number will be written to.
# port-file = "/tmp/path/to/portfile"
rate-limit {
# Enables rate limiting with provided configuration below.
enabled = true
# The maximum number of non-running items in the IndexDb execution service
max-api-services-index-db-queue-size = 1000
# The maximum number of non-running items in the ApiServices execution service
max-api-services-queue-size = 10000
# The maximum number of running streams
max-streams = 1000
# If, following a garbage collection of the 'tenured' memory pool, the percentage of used pool memory is
# above this percentage the system will be rate limited until additional space is freed up.
max-used-heap-space-percentage = 85
# If, following a garbage collection of the 'tenured' memory pool, the amount of free space is below
# this value the system will be rate limited until additional space is freed up.
min-free-heap-space-bytes = 314572800 #300Mb
}
# Set the seeding of contract ids.
# Options: strong, testing-weak, testing-static
seeding = strong
# Defines the time provider on the ledger.
# Options: static, wall-clock
time-provider-type = wall-clock
#tls {
# # To protect data in transit and over untrusted networks, the Ledger API leverages
# # TLS support built into gRPC to allow clients to verify the identity of the
# # server and encrypt the communication channel over which the Ledger API requests
# # and responses are sent.
#
# # Enables TLS setup for the server.
# enabled=false
#
# # The crt file to be used as the cert chain. Required if any other TLS parameters are set.
# cert-chain-file=/path/to/key-cert-chain-file
#
# # The pem file to be used as the private key. Use '.enc' filename suffix if the pem file is encrypted.
# private-key-file=/path/to/private-key-file
#
# # The crt file to be used as the trusted root CA.
# trust-collection-file=/path/to/trust-collection-file
#
# # URL of a secrets service that provide parameters needed to decrypt the private key.
# # Required when private key is encrypted (indicated by '.enc' filename suffix).
# secrets-url="http://localhost:8080"
#
# # The client authentication mode. If TLS is enabled it defaults to require.
# # Options:
# # none
# # optional
# # require
# client-auth=none
#
# # Enables certificate revocation checking using the Online Certificate Status Protocol (OCSP)
# enable-cert-revocation-checking=false
#
# # Minimum TLS Version only allows HTTPS connections from visitors that support the selected
# # TLS protocol version or newer.
# # Options:
# # TLSv1
# # TLSv1.1
# # TLSv1.2
# # TLSv1.3
# minimum-server-protocol-version=TLSv1
#}
user-management {
# Enables user management with provided configuration below.
enabled = false
# Used to set expiry time for user management cache. Also determines the maximum delay
# for propagating user management state changes which is double its value.
cache-expiry-after-write-in-seconds = 5
# Determines the maximum in-memory cache size for user management state.
max-cache-size = 100
# Maximum number of users that the server can return in a single response.
max-users-page-size = 1000
}
identity-provider-management {
# Used to set expiry time for identity provider management cache.
cache-expiry-after-write-in-seconds = 5
}
}
authentication {
# Options:
# wildcard
# Allows everything. Does not have additional flags.
# unsafe-jwt-hmac-256
# Enables JWT-based authorization with shared secret HMAC256 signing.
#
# USE THIS EXCLUSIVELY FOR TESTING
#
# The Ledger API will expect all tokens to be signed with HMAC256 with the given
# plaintext secret.
#
# jwt-rs-256
# Enables JWT-based authorization, where the JWT is signed by RSA256 with the verifying public key
# loaded from the given X509 certificate file (.crt)
#
# The Ledger API will expect all tokens to be signed with RS256 (RSA Signature
# with SHA-256) with the public key loaded from the given X.509 certificate
# file. Both PEM (text) and DER (binary) encoded certicates are supported.
#
# jwt-es-256
# Enables JWT-based authorization, where the JWT is signed by ECDSA256 with the verifying public key
# loaded from the given X509 certificate file (.crt)
#
# The Ledger API will expect all tokens to be signed with ES256 (ECDSA using
# P-256 and SHA-256) with the public key loaded from the given X.509 certificate
# file. Both PEM (text) and DER (binary) encoded certicates are supported.
#
# jwt-es-512
# Enables JWT-based authorization, where the JWT is signed by ECDSA512 with the verifying public key
# loaded from the given X509 certificate file (.crt)
#
# The Ledger API will expect all tokens to be signed with ES512 (ECDSA using
# P-521 and SHA-512) with the public key loaded from the given X.509 certificate
# file. Both PEM (text) and DER (binary) encoded certicates are supported.
#
# jwt-rs-256-jwks
# Enables JWT-based authorization, where the JWT is signed by RSA256 with the verifying public key
# loaded from the given JWKS URL.
#
# The Ledger API will expect all tokens to be signed with RS256 (RSA Signature
# with SHA-256) with the public key loaded from the given
# [JWKS](https://tools.ietf.org/html/rfc7517) URL.
#
type = wildcard
# X509 certificate file location for "jwt-rs-256", "jwt-es-256", "jwt-es-512", "jwt-rs-256-jwks"
# certificate = /path/to/certificate
# Shared secret for jwt-hmac-256 signing
# secret = secrettext
# JWKS URL for jwt-rs-256-jwks algorithm
# url = "https://localhost/jwks.json"
}
# jwt-timestamp-leeway {
# # Enables leeway for JWT tokens with provided configuration below.
# enabled = true
# # Define the default window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid.
# default = 500
#
# # Set a specific leeway window in seconds in which the Expires At ("exp") Claim will still be valid.
# expires-at = 5
#
# # Set a specific leeway window in seconds in which the Issued At ("iat") Claim will still be valid.
# issued-at = 5
#
# # Set a specific leeway window in seconds in which the Not Before ("nbf") Claim will still be valid.
# not-before = 5
#}
data-source-properties {
# This section defines connection pool properties for the participant node. The Indexer does have it's own data
# source properties.
connection-pool {
# A connection pool maintains a specific number of open database connections to an application.
connection-pool-size = 16
# Connection Timeout specifies the time limit, within which the connection to the specified server
# must be made, otherwise an exception is thrown i.e.
connection-timeout = 250ms
}
#postgres {
# # Options: on, off, remote-write, remote-apply, local
# # See https://www.postgresql.org/docs/13/runtime-config-wal.html#GUC-SYNCHRONOUS-COMMIT
# # for details.
# synchronous-commit = on
#
# # TCP keepalive configuration for postgres.
# # See https://www.postgresql.org/docs/13/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SETTINGS
# # for details
# tcp-keepalives-idle = 0
#
# tcp-keepalives-interval = 0
#
# tcp-keepalives-count = 0
#}
}
index-service {
# Number of event pages fetched in parallel when serving ACS calls.
acs-contract-fetching-parallelism = 2
# Maximum number of concurrent ACS queries to the index database.
acs-global-parallelism = 10
# Number of contract id pages fetched in parallel when serving ACS calls.
acs-id-fetching-parallelism = 2
# The buffer size for ACS ID queries
acs-id-page-buffer-size = 1
# Number of contract ids fetched from the index for every round trip when serving ACS calls.
acs-id-page-size = 20000
# Working memory in bytes: specifies a maximum memory for allocating ID Pages for one ACS stream.
acs-id-page-working-memory-bytes = 104857600
# The maximum duration that the Ledger API waits on teardown
# for shutdown of the client stream subscriptions.
api-stream-shutdown-timeout = 5 seconds
# Number of transactions fetched from the buffer when serving streaming calls.
buffered-streams-page-size = 100
# Number of events fetched from the index for every round trip when serving streaming calls.
# When streaming transactions, the API server will query the database in pages
# defaulting to a size of 1000. Increasing the page size can increase
# performance on servers with enough available memory.
events-page-size = 1000
# Number of events fetched/decoded in parallel for populating the Ledger API internal buffers.
events-processing-parallelism = 8
# The maximum contract state cache size for contract key mappings.
max-contract-key-state-cache-size = 100000
# The maximum contract state cache size for contract-id mappings.
max-contract-state-cache-size = 100000
# The maximum number of transactions to be kept
# in the in-memory fan-out for Ledger API stream serving buffers.
max-transactions-in-memory-fan-out-buffer-size = 10000
# The processing parallelism of the Ledger API server in-memory state updater.
in-memory-state-updater-parallelism = 2
# The size of the thread-pool backing the Ledger API in-memory fan-out.
in-memory-fan-out-thread-pool-size = 16
# Timeout for package metadata preparation after which a warning will be logged
prepare-package-metadata-time-out-warning = 1 second
}
indexer {
# The size of the thread pool to execute batching within Indexer pipeline.
batching-parallelism = 4
# Enables compression as part of the Indexer pipeline.
enable-compression = false
#data-source-properties {
# # This section defines connetion pool properties for the Indexer.
# # This section is optional and recommended to stay empty in order to gain the best performance.
#
# connection-pool {
# # A connection pool maintains a specific number of open database connections to an application.
# connection-pool-size = 16
#
# # Connection Timeout specifies the time limit, within which the connection to the specified server
# # must be made, otherwise an exception is thrown i.e.
# connection-timeout = 250ms
# }
#
# postgres {
# # Options: on, off, remote-write, remote-apply, local
# synchronous-commit = on
#
# # TCP keepalive configuration for postgres.
# # See https://www.postgresql.org/docs/13/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SETTINGS
# # for details
# tcp-keepalives-idle = 0
#
# tcp-keepalives-interval = 0
#
# tcp-keepalives-count = 0
# }
#
#}
high-availability {
# The shared lock id used by workers that must be locked exclusively
# as part of the leader HA startup sequence.
indexer-lock-id = 105305792
# The lock id to be used when they Indexer tries to acquire
# the worker Index database lock for becoming a leader.
indexer-worker-lock-id = 105305793
# Period that the Indexer waits before retrying to acquire the
# main Index database lock.
main-lock-acquire-retry-millis = 500
# Period that the Indexer waits before retrying to acquire the
# worker Index database lock.
worker-lock-acquire-retry-millis = 500
# The maximum period the main lock checker will wait
# for the Index database to reply to the lock checking request.
main-lock-checker-jdbc-network-timeout-millis = 10000
# The period between successive main lock checks performed
# by the Indexer on the index database.
main-lock-checker-period-millis = 1000
# Maximum number of times the Indexer retries acquiring the worker Index database lock.
worker-lock-acquire-max-retry = 1000
}
# The parallelism factor for the ingestion within Indexer pipeline.
# As this factor influences the maximum ingestion burst peak, it
# should be tuned in conjunction with `max-output-batched-buffer-size` and `max-tailer-batch-size`.
ingestion-parallelism = 16
# The parallelism factor for the input mapping within Indexer pipeline.
input-mapping-parallelism = 16
# The maximum number of transaction batches accumulated in the
# ledger end ingestion step before starting to back-pressure in the Indexer.
# The theoretical limit of transactions kept in this batch buffer is
# `max-tailer-batch-size` * `submission-batch-size`.
max-tailer-batch-size = 10
# The maximum size of the input buffer of Indexer. In case of a bottleneck
# in producer (Read Service) this will be mostly full, so careful estimation
# is needed to prevent excessive memory pressure.
max-input-buffer-size = 50
# The maximum size of the Indexer output in-memory state updater flow input buffer flow.
# Careful consideration needs taken when setting this value
# as the limit is in number batches of transactions as opposed to `max-input-buffer-size`
# which counts transactions. The theoretical limit of the number of transactions kept
# in this buffer is `max-output-batched-buffer-size` * `submission-batch-size`.
max-output-batched-buffer-size = 16
package-metadata-view {
# The parallelism factor for the Package Metadata In-memory view
# loading pipeline during initialization phase.
init-load-parallelism = 16
# The parallelism factor for the Package Metadata In-memory view
# process pipeline during initialization phase.
init-process-parallelism = 16
# The initial delay before package metadata view initialisation
# is being checked if it was complete
init-takes-too-long-initial-delay = 1 minute
# The interval between package metadata view initialisation checks
init-takes-too-long-interval = 10 seconds
}
# Duration of the delay before restarting the Indexer in case of failure.
restart-delay = 10 seconds
startup-mode {
# Options:
# migrate-and-start
# Migration is run on the provided schema and Indexer is started.
# validate-and-start
# Validate helps to verify that the migrations applied to the database match the ones available locally.
# If version of the database matches the one expected - Indexer is started.
# validate-and-wait-only
# Validate helps to verify that the migrations applied to the database match the ones available locally.
# If version of the database does not match the one expected - application keeps polling the version
# until migration is finally matches the expected one.
# migrate-on-empty-schema-and-start
# Migration is run on the empty schema and Indexer is started. It is expected that no migration are applied
# on the provided schema. The exception will be thrown in case of non-empty schema is provided.
type = migrate-and-start
# Number of retry attempts made to check if schema is validated in `validate-and-wait-only` mode.
# schema-migration-attempts = 30
# Wait time duration before next retry attempt is made in `validate-and-wait-only` mode.
# schema-migration-attempt-backoff = 1 second
# Whether to allow existing schema in `migrate-and-start` mode.
allow-existing-schema = false
}
# The size of the submission batch within parallel ingestion pipeline.
submission-batch-size = 50
}
# The size of the thread pool underpinning internal services. Used for both the ledger api as well as
# the read and write services. When not set, the number of processors is used instead
# services-thread-pool-size = 50
}
}
}
bridge {
# Enable ledger-side submission conflict checking.
conflict-checking-enabled = true
# Submission buffer size.
submission-buffer-size = 500
# Maximum command deduplication duration.
max-deduplication-duration = 30 minutes
}
Reference in New Issue View Git Blame Copy Permalink