Skip to main content

Advanced

The Configuration reference section provides the full configuration reference. The sections following after provide descriptions of most relevant advanced configuration sections with more elaborated examples.

Configuration reference

v0.40v0.39v0.38next

Anapaya appliance configuration (advanced only)

advanced object

The necessary configuration data for the advanced section of the Anapaya appliance.

service_customizations object[]

The list of service-customizations on the Anapaya appliance.

  • Array [
    • disabledboolean

    Whether the service customization should be disabled.

    Default value: false
    service_typestringrequired

    The service type for which the customized template is provided.

    Possible values: [CA_FRONTEND, CONTROL, CRON, DAEMON, DATAPLANE, DATAPLANE_CONTROL, DISPATCHER, FRR, FRR_EXPORTER, GATEWAY, MOLE, NODE_EXPORTER, PROMTAIL, ROUTER, TELEMETRY, SHUTTLE, SHUTTLE_SERVER]

    skip_template_validationboolean

    Whether the customized template should be skipped during configuration validation. This is particularly useful if the template is known to be valid, but the input data during validation is not sufficient.

    Default value: false
    templatestringrequired

    The actual customized template for the service.

  • ]

    • Service customization

    For very advanced use cases, it is sometimes necessary to customize the behavior of the internal services of the Anapaya appliance beyond what is possible through the regular configuration. In such cases, it is best to reach out to Anapaya support to discuss the use case and potentially include the customization in the appliance configuration in a future release.

    In the meantime, you can use the service customization feature to customize the behavior of the internal services without waiting for the next release. Services are launched with a configuration file that defines their behavior. The service customization feature allows you to override the template that is used by the Anapaya appliance to generate these service configuration files.

    important

    The default templates and the input parameters for the templates are release dependent. We do our best to keep templates compatible across releases, and write automatic migration scripts where possible. However, if you are using elaborate service customization, you may require manual intervention to adapt your customizations to a new release. Please read the release notes carefully.

    The Anapaya appliance provides a set of specific API endpoints to manage the service customization more conveniently:

    The render service template endpoint is especially useful to test your customizations before applying them. It allows you to render the template with the current configuration and shows the resulting service configuration. You can inspect the rendered configuration and make sure it looks as expected.

    The get/set service template endpoints allow you to manage the service templates in plain text, rather than JSON format that all the other API endpoints use. This is more convenient for manipulating templates.

    tip

    You can also use the appliance-cli to interact with the service customization API endpoints.

    Authoring templates

    The service customization template is used to generate the service configuration file. You need to provide a complete template that configures all aspects of the service. Currently, it is not possible to provide a partial template that is merged with the default template.

    The template is written in the Go template syntax, which is the basis for many commonly used template implementations. Familiarize yourself with the syntax by reading the official documentation, Hugo's introduction, or by looking at our default templates.

    Go templates are designed to be extended by developers, and provides access to data objects and additional functions that are passed into the template engine programmatically. We provide the following additional functions that you can invoke in your templates:

    • stringSliceToTomlList: Converts a slice of strings to a TOML string list.
    • sprig: A library of additional template functions that provides many useful functions for string manipulation, date formatting, and more.

    FRR

    The Anapaya appliance uses FRRouting as the BGP daemon. Head to BGP configuration for more information on how to configure BGP on the Anapaya appliance. If the configuration options are not sufficient for your use case, you can customize the FRR configuration using the service customization feature.

    Default templates

    Here are the templates for the FRR configuration for the different releases of the Anapaya appliance. Use the template that matches the Anapaya appliance release as your starting point.

    ! FRR configuration
    !
    frr version 10.2.1
    frr defaults traditional
    log stdout
    debug bgp neighbor-events
    hostname {{ .ApplianceConfig.GetManagement.GetHostname }}
    !
    ! Zebra configuration
    !
    ip forwarding
    ipv6 forwarding
    !
    {{- if .Zebra.Src }}
    route-map SRC permit 10
     set src {{ .Zebra.Src }}
    !
    ip protocol bgp route-map SRC
    !
    {{- end }}
    {{- if .BFDEnabled }}
    !
    ! BFD configuration
    !
    bfd
    {{- end }}
    {{- with $bgp := .Device.Bgp -}}
    {{- range $bgp.GetNeighbors }}
    {{- if .GetBfd.GetEnabled }}
      peer {{ .GetNeighborAddress }}{{ if .GetBfd.GetMultihop }} multihop{{ end }}{{ if .GetBfd.GetLocalAddress }} local-address {{ .GetBfd.GetLocalAddress }}{{ end }}
        receive-interval {{ .GetBfd.GetRequiredMinimumReceive }}
        transmit-interval {{ .GetBfd.GetDesiredMinimumTxInterval }}
        detect-multiplier {{ .GetBfd.GetDetectionMultiplier }}
        {{- if .GetBfd.GetMultihop }}
        minimum-ttl {{ .GetBfd.GetMinimumTtl }}
        {{- end }}
        no shutdown
      !
    {{- end }}
    {{- end }}
    !
    {{- end }}
    !
    ! BGP configuration
    !
    {{ define "neighbor" }} neighbor {{ .GetNeighborAddress }} remote-as {{ .PeerAs }}
    {{- if .SetLocalAs }}
     neighbor {{ .GetNeighborAddress }} local-as {{ .LocalAs }}
    {{- end }}
    {{- if .PlaintextAuthPassword }}
     neighbor {{ .GetNeighborAddress }} password {{ .PlaintextAuthPassword }}
    {{- end }}
    {{- if .GetDescription }}
     neighbor {{ .GetNeighborAddress }} description {{ .GetDescription }}
    {{- end }}
    {{- if .GetEbgpMultihop }}
     neighbor {{ .GetNeighborAddress }} ebgp-multihop {{ .GetEbgpMultihop }}
    {{- end }}
    {{- if .GetBfd.GetEnabled }}
     neighbor {{ .GetNeighborAddress }} bfd
    {{- end }}
    {{- if .GetTransport }}
    {{- if .GetTransport.GetLocalAddress }}
     neighbor {{ .GetNeighborAddress }} update-source {{ .GetTransport.GetLocalAddress }}
    {{- end }}
    {{- end }}
     neighbor {{ .GetNeighborAddress }} timers {{ .GetTimers.GetKeepaliveInterval }} {{ .GetTimers.GetHoldTime }}
     neighbor {{ .GetNeighborAddress }} advertisement-interval {{ .GetTimers.GetMinimumAdvertisementInterval }}
     neighbor {{ .GetNeighborAddress }} timers connect {{ .GetTimers.GetConnectRetry }}
    {{- if .TtlSecurity }}
     neighbor {{ .GetNeighborAddress }} ttl-security hops {{ .GetTtlSecurity }}
    {{- end -}}
    {{- end -}}
    router bgp {{ .BGP.Global.ASN }}
     bgp router-id {{ .BGP.Global.RouterID }}
     no bgp ebgp-requires-policy
     no bgp default ipv4-unicast
     no bgp suppress-duplicates
     !
    {{- range .BGP.IPv4Neighbors }}
    {{- if .GetEnabled }}
    {{ template "neighbor" . }}
     !
    {{- end }}
    {{- end }}
    {{- range .BGP.IPv6Neighbors }}
    {{- if .GetEnabled }}
    {{ template "neighbor" . }}
     !
    {{- end -}}
    {{- end }}
    {{- if .BGP.HasV4 }}
     address-family ipv4 unicast
    {{- range .BGP.IPv4Neighbors }}
    {{- if .GetEnabled }}
      neighbor {{ .GetNeighborAddress }} activate
      neighbor {{ .GetNeighborAddress }} soft-reconfiguration inbound
      neighbor {{ .GetNeighborAddress }} prefix-list NO_DEF_V4 in
      neighbor {{ .GetNeighborAddress }} route-map rm-out-ipv4 out
    {{- end }}
    {{- end }}
      redistribute kernel route-map allow-only-sgrp
    {{- range .BGP.Global.IPv4Networks }}
      network {{ . }}
    {{- end }}
     exit-address-family
    {{- end }}
    {{- if .BGP.HasV6 }}
     address-family ipv6 unicast
    {{- range .BGP.IPv6Neighbors }}
    {{- if .GetEnabled }}
      neighbor {{ .GetNeighborAddress }} activate
      neighbor {{ .GetNeighborAddress }} soft-reconfiguration inbound
      neighbor {{ .GetNeighborAddress }} prefix-list NO_DEF_V6 in
      neighbor {{ .GetNeighborAddress }} route-map rm-out-ipv6 out
    {{- end }}
    {{- end }}
      redistribute kernel route-map allow-only-sgrp
    {{- range .BGP.Global.IPv6Networks }}
      network {{ . }}
    {{- end }}
     exit-address-family
    {{- end }}
    !
    {{- if .BGP.HasV4 }}
    ip prefix-list NO_DEF_V4 seq 5 permit 0.0.0.0/0 ge 1
    {{- end }}
    {{- if .BGP.HasV6 }}
    ipv6 prefix-list NO_DEF_V6 seq 5 permit ::/0 ge 1
    {{- end }}
    {{- range .BGP.Global.IPv4Networks }}
    ip prefix-list static-routes-ipv4 permit {{ . }}
    {{- end }}
    {{- range .BGP.Global.IPv6Networks }}
    ipv6 prefix-list static-routes-ipv6 permit {{ . }}
    {{- end }}
    !
    route-map allow-only-sgrp permit 10
    {{- range .BGP.MatchSGRP }}
      {{ . }}
    {{- end }}
    !
    {{- if .BGP.IPv4Neighbors }}
    route-map rm-out-ipv4 permit 10
    {{- range .BGP.MatchSGRP }}
      {{ . }}
    {{- end }}
    !
    {{- end }}
    {{- if .BGP.IPv6Neighbors }}
    route-map rm-out-ipv6 permit 10
    {{- range .BGP.MatchSGRP }}
      {{ . }}
    {{- end }}
    !
    {{- end }}
    {{- if .BGP.Global.IPv4Networks }}
    route-map rm-out-ipv4 permit 20
      match ip address prefix-list static-routes-ipv4
    !
    {{- end }}
    {{- if .BGP.Global.IPv6Networks }}
    route-map rm-out-ipv6 permit 20
      match ipv6 address prefix-list static-routes-ipv6
    !
    {{- end }}
    end

    Apply

    Once you have the custom FRR configuration template ready, you can render to validate it produces the expected configuration:

    appliance-cli post config/advanced/service-customization/frr/template/execute < frr.conf.tmpl

    If you are satisfied with the rendered configuration, you can apply the template:

    appliance-cli put config/advanced/service-customization/frr/template < frr.conf.tmpl

    In case you encounter any issues with the service customization, you can disable the template by removing the service customization, or disabling it:

    Example: Disable customization of the first service
    appliance-cli edit config config.advanced.service_customizations[0].disabled: true
    important

    You need to specify the index of the service customization that you want to disable. Typically, this is 0 as you most likely have only one service customization. In case you are unsure, or have multiple service customizations, list the service customizations:

    appliance-cli get config  -f body.config.advanced.service_customizations[].service_type

    Replace 0 with the appropriate index that you discovered.