meshd.conf - Clockwork Mesh Server configuration file
meshd(1) reads its configuration from /etc/clockwork/meshd.conf (unless a different file is specified with the -c option).
Valid configuration directives, and their meanings, are as follows:
This specifies what interfaces/addresses meshd should bind to for publishing commands to subscribed cogd(1) nodes.
The standard port is 2315, and most of the time you'll want to listen on any available interface. This is the default, *:2315.
This specifies what interfaces/addresses meshd should bind to for accepting inbound queries from clients, as well as result messages from subscribed cogd(1) nodes.
The standard port is 2316, and most of the time you'll want to listen on any available interface. This is the default, *:2316.
This certificate is used to identify this meshd instance to connecting clients and cogd nodes. It must contain both the public and private keys.
Defaults to /etc/clockwork/certs/meshd.
For password-based authentication, where the remote user provides their username and password, meshd will use PAM to verify the credentials. This gives the system administrator full control over the authentication policy in play for Mesh.
Defaults to clockwork.
For public-key authentication, where the remote user proves that they have access to the private component of a user keypair, meshd uses a trust database to keep track of what public keys have been marked as trusted for what usernames.
The trust database is a flat file containing only publicly available information, so it doesn't need any special permissions.
Defaults to /etc/clockwork/auth/trusted.
The trust database can be managed with the cw-trust tool.
This configuration option lets you size the query cache to the infrastructure. For each query that meshd fields, it places an entry in the query connection cache to keep track of the query results. Cache entries are purged regularly, pursuant to qcache.expiration, to make room for new client queries.
The value chosen for the connection cache size depends on the number of concurrent queries you expect meshd to service. For most environments the default size of 2048 entries should be sufficient.
Controls how long meshd will wait before purging queries from its query cache. The age of a query is calculated starting from the last time the requesting client retrieved results for it (not as an absolute time since query submission).
This value is specified in seconds.
Defaults to /var/run/meshd.pid.
Defaults to meshd.
Defaults to daemon.
Valid values are:
Fatal issues that cause immediate termination.
Non-fatal issues that prevent proper system operation.
Minor problems that do not hinder system operation.
Informational messages that assist in system diagnostics.
More in-depth informational messages, for troubleshooting.
Messages for chasing down bugs.
Each level includes all "more important" levels. warning will log critical and error messages. notice is everything but debugging messages, etc.
A good starting point is warning; default is error.
Here is the default configuration, made explicit:
listen *:2314 pidfile /var/run/meshd.pid manifest /etc/clockwork/manifest.pol copydown /etc/clockwork/gather.d security.strict yes security.trusted /etc/clockwork/certs/trusted security.cert /etc/clockwork/certs/meshd ccache.connections 2048 ccache.expiration 600 syslog.ident meshd syslog.facility daemon syslog.level error
Clockwork was designed and written by James Hunt.
The Clockwork website is licensed under the Creative Commons Attribution-NoDerivs 3.0 United States License