Skip to end of metadata
Go to start of metadata

Whenever you change your configuration, you must run /opt/scalr-server/bin/scalr-server-ctl reconfigure for your changes to take effect.

Configuration Files

Configuration for the installer is provided through the following files:

  • /etc/scalr-server/scalr-server.rb: global configuration. If you are distributing Scalr across multiple servers this file should be the same on all of them. 
  • /etc/scalr-server/scalr-server-local.rb: used if you have multiple servers and need to override certain configuration parameters on some of them (e.g. services to enable).
  • /etc/scalr-server/scalr-server-secrets.json: passwords and secrets. This is auto-generated by the installer. Here again this file should be the same on all servers. 

Configuration Options

We very strongly recommend that you read Production Deployment Recommendations in parallel to this.

That page contains links to sample configuration files, which should help you make sense of the documentation below!

The following configuration options may be provided in the scalr-server.rb and scalr-server-local.rb files.

Partial Installs

By default, the Scalr installer enables all modules on a server where you run it (e.g. it enables MySQL, the web app, etc.).

This is controlled by the enable_all setting. 

# Be mindful that there IS NO EQUAL SIGN between `enable_all` and its value.
 
# Enable all modules. This takes precedence over individual some_module[:enable] declarations.
enable_all true 
 
# Disable all services. This does not take precedence over individual some_module[:enable] declarations
# (so you can set it to false, and enable individual services afterwards). 
enable_all false

If enable_all is set to false, then individual modules can be enabled (by default, none are)

# Enable the proxy. The proxy forwards traffic to the various web services that make up Scalr.
# You may have as many proxy servers as you'd like.
proxy[:enable] = true
 
# Enable MySQL. This sets up a MySQL database for Scalr to use. You might want to have two MySQL Servers
# (one for the main Scalr DB and one of the Scalr Cost Analytics DB), or even use your own (e.g. DBaaS) DB instead.
mysql[:enable] = true
 
# Enable rrdcached. This sets up rrdcached to create load statistics graph for Scalr. If you enable rrdcached, you should
# also enable the 'poller' and 'plotter' service submodule, and the 'graphics' submodule (see below).
rrd[:enable] = true
 
# Enable memcached. Memcached is used to store Scalr HTTP sessions.  
memcached[:enable] = true

Additionally, the three following modules support an additional level of granularity. Those modules have multiple submodules, which can be individually enabled:

  • If you set some_module[:enable] to true, then all submodules are enabled. You can provide a list of submodule names in some_module[:disable] to disable some (:disable takes precedence over :enable).
  • If you set some_module[:enable] to a list of submodule names, then those are enabled, and the ones that aren't in the list aren't. 
  • If you set some_module[:enable] to false, then all submodules are disabled.
# Enable all cron jobs. Note that each individual cron job should be deployed to exactly one server. 
cron[:enable] = true

# Enable all background services. Similarly to cron jobs, each service should be deployed to exactly one server.
# Note that the 'plotter' and 'poller' service submodules should be deployed alongside the 'graphics' web submodule and the 'rrd' module.
service[:enable] = true
 
# Enable all web apps. You can deploy as many instances of the 'app' submodule as you'd like, but you should only have one instance of the 'graphics' one.
# Additionally, the 'graphics' submodule should be deployed alongside the 'plotter' and 'poller' service submodules, and the 'rrd' module.
web[:enable]

The lists of submodules can be found in the following files:

Specifically, the lists are in the following methods (look for the :name key):

  • cron_all_crons
  • service_all_services
  • web_all_web

Routing Options

Routing options control the URLs that are exposed to end users (and to the Scalarizr Agent).

routing[:endpoint_scheme] = 'http'      # Set this to `https` if you enabled SSL on your proxy server.
routing[:endpoint_host] = ...           # Set this to a hostname or IP that points to your proxy server.
 
routing[:graphics_scheme] = nil         # Defaults to your endpoint_scheme. Override it to use something different.
routing[:graphics_host] = nil           # Defaults to your endpoint_host. Override it to use something different.
 
routing[:plotter_scheme] = nil		    # Same as above.
routing[:plotter_host] = nil			# Same as above.
routing[:plotter_port] = nil            # Defaults to the port corresponding to endpoint_scheme. Override it to use something different.

App Options

The following options control the behavior of the Scalr App

# App Settings
 
app[:ip_ranges] = ...       # A list of IP ranges (e.g. ['0.0.0.0/0']) that Scalr will use to connect to your servers. 
                            # These IPs will be whitelisted in your cloud security groups.
                            # Review the documentation on "Required Network Configuration for Scalr" for more information.
 
app[:configuration] = {}    # A (nested) Hash (in Ruby syntax) that will be injected into the Scalr config.yml file. This lets you add arbitrary
                            # configuration keys, such as a LDAP configuration. 
                            # Review the documentation on "Scalr Configuration Parameters" for more information.
app[:admin_password] = ...  # Default password for the "admin" user. Note that this password is only used if the admin user never change their password.
                            # Auto-generated and placed into the secrets file, though you can provide it here instead.
 
app[:id] = ...              # ID for this Scalr installation. Auto-generated and placed into the secrets file, though you can provide it here instead.
app[:secret_key] = ...      # Secret key for this Scalr installation. Auto-generated and placed into the secrets file, though you can provide it here instead.
 
# Library configuration
 
app[:ldap_configuration] = ''  # A string for extra configuration to inject into ldap.conf (e.g. use this to set TLS_CACERT if you are using LDAPS).
app[:php_configuration] = ''   # A string for extra configuration to inject into php.ini.
 
# MySQL settings
app[:mysql_scalr_host] = '127.0.0.1'      # Host for the Scalr MySQL database.
app[:mysql_scalr_port] = 6280             # Port for the Scalr MySQL database. (note that by default the installer sets up MySQL to listen on port 6280).

app[:mysql_analytics_host] = '127.0.0.1'  # Host for the Analytics MySQL database.
app[:mysql_analytics_port] = 6280         # Port for the Analytics MySQL database (same as above).
 
# Memcached Settings
app[:memcached_servers] = ['127.0.0.1:6281']  # List of Memcached servers to use for sessions (you may add additional servers for redundancy)
# Note that this setting is only available in Scalr > 5.3. For older versions, use: `app[:memcached_host] = '127.0.0.1'` and `app[:memcached_port] = 6281`

# Email settings. Unless you set those, Scalr will not deliver email.
app[:email_mailserver] = nil     # Set this to 'host:port' of your SMTP server for email to be delivered. If you don't set it, no mail will be sent. Example '127.0.0.1:25'
app[:email_configuration] = ''   # Additional configuration to inject into /opt/scalr-server/etc/ssmtp/ssmtp.conf
 
# Session setting
app[:session_cookie_timeout] = 0   # Expiration for the session cookie in seconds. 0 (default) means the cookie expires after the browser is closed. 
                                   # Note that Session cookie expiry should NOT Be relied on as a security mechanism (it's managed client-side).
app[:session_soft_timeout] = 1800  # Inactivity timeout for sessions in seconds. This can be relied on for session security (it's managed server-side).
# Note that additionally, the app utilizes the username / password settings from MySQL and Memcached.

MySQL Options

The following options control the configuration of MySQL, as well as how the Scalr application accesses MySQL.

Please note: If you are using your own MySQL server (not the embedded databases) and your MySQL version is 5.5.X, you must add the following to your MySQL Config:  skip-character-set-client-handshake = 1
mysql[:bind_host] = '127.0.0.1'     # Host MySQL should bind to.
mysql[:bind_port] = 6280            # Port MySQL should bind to.
 
mysql[:root_password] = ...         # Root password for MySQL. Auto-generated at install time and placed into the secrets file, though can provide it here instead.
                                    # This is only needed when installing MySQL itself. If you're using a DBaaS offering, you don't need to provide this.  

mysql[:scalr_password] = ...        # Scalr password for MySQL. This can be auto-generated or provided in the configuration file.
 
mysql[:server_id] = 2				# ID of the MySQL server. This is mainly used to provide a unique ID when using MySQL replication.
 
mysql[:allow_remote_root] = false	# Specifies if remote root login should be allowed. Needs to be set to "true" when using the kickstart-replication script.
 
mysql[:configuration] = ''			# A string for extra configuration to inject into my.cnf
 
mysql[:binlog] = true				# Turn on the binary log that is used for replication.

Memcached Options

The following options control the configuration of Memcached, as well as how the Scalr application accesses Memcached:

memcached[:bind_host] = '127.0.0.1'  # Host Memcached should bind to.
memcached[:bind_port] = 6281         # Port Memcached should bind to.
 
memcached[:enable_sasl] = nil        # Set this to `true` to force authentication on Memcached, and `false` to force-disable it. 
									 # By default authentication is enabled if Memcached binds to any host other than '127.0.0.1'
									 # We recommend you set this to `false` for better performance IF YOU ARE ON A SECURE NETWORK.
 
memcached[:password] = ...           # Scalr password Memcached. This can be auto-generated, or provided in the configuration file.

Service Options

The following options control the configuration of the background services:

service[:plotter_bind_host] = '127.0.0.1'  # Host the plotter service should bind to.
service[:plotter_bind_port] = 6272         # Port the plotter service should bind to.
 
logrotate[:keep_days] = 7                  # Specifies how many days the logs should be kept.

Web Options

The following options control the configuration of the web apps:

web[:app_bind_host] = '127.0.0.1'         # Host the app server should bind to.
web[:app_bind_port] = 6270                # Port the app server should bind to.
 
web[:graphics_bind_host] = '127.0.0.1'    # Host the graphics server should bind to.
web[:graphics_bind_port] = 6271           # Port the graphics server should bind to.

Proxy Options

The following options control the configuration of the proxy:

proxy[:bind_host] = '0.0.0.0'				 # Defines which IP the proxy component of Scalr should listen on. 0.0.0.0 (wildcard) means listen on all IPs.  
											 # This is the equivalent of "reverse proxy" or "load balancer."
 
proxy[:ssl_enable] = false                   # Whether to enable SSL on the proxy
proxy[:ssl_redirect] = true                  # Whether the proxy should redirect HTTP requests to HTTPS (make sure you have a valid cert if you leave this to true!)
proxy[:ssl_cert_path] = '/path/to/the/cert'  # Path to a SSL cert the proxy should use (this needs to be readable by the scalr-app user).
proxy[:ssl_key_path] = '/path/to/the/key'    # Path to a corresponding SSL key the proxy should use (same as above). 
 
proxy[:apache_config] = ""                   # Custom apache configuration that will be inserted into the proxy virtual host.
 
proxy[:whitelist_ui] = ["1.1.1.1/32", "10.0.0.0/24"]  # If specified, only these IPs or Subnets can access the Scalr UI
proxy[:whitelist_api] = ["3.3.3.3/32", "4.4.4.4/32"]  # If specified, only these IPs or Subnets can access the Scalr API

Supervisor Options

The following options control the configuration of the Supervisor process manager that controls the Scalr services. Note that changing those options will most likely result in restarting your entire Scalr server (though this may or may not be a problem for you).

supervisor[:tz] = 'Etc/UTC'  # The TZ to use for all Scalr services on this server. 
  • No labels