Configuration file options for layer 7 routing¶
This topic describes the configuration options for the primary Interlock services.
For configuration instructions, see Configure layer 7 routing service.
Core configuration¶
The following core configuration options are available for the
ucp-interlock
service:
Option |
Type |
Description |
---|---|---|
|
string |
Address to serve the Interlock GRPC API. The default is |
|
string |
Path to the socket or TCP address to the Docker API. The default is
|
|
string |
Path to the CA certificate for connecting securely to the Docker API. |
|
string |
Path to the certificate for connecting securely to the Docker API. |
|
string |
Path to the key for connecting securely to the Docker API. |
|
bool |
A value of |
|
string |
Interval to poll the Docker API for changes. The default is |
|
string |
Override the default GRPC API endpoint for extensions. Swarm detects the default. |
|
[]extension |
Refer to Extension configuration for the array of extensions. |
Extension configuration¶
The following options are available to configure the extensions. Interlock must contain at least one extension to service traffic.
Option |
Type |
Description |
---|---|---|
|
string |
Name of the Docker image to use for the extension. |
|
[]string |
Arguments to pass to the extension service. |
|
map[string]string |
Labels to add to the extension service. |
|
[]string |
Allows the administrator to cherry pick a list of networks that Interlock can connect to. If this option is not specified, the proxy service can connect to all networks. |
|
map[string]string |
Labels for the extension service tasks. |
|
[]string |
One or more constraints to use when scheduling the extension service. |
|
[]string |
One of more placement preferences. |
|
string |
Name of the extension service. |
|
string |
Name of the Docker image to use for the proxy service. |
|
[]string |
Arguments to pass to the proxy service. |
|
map[string]string |
Labels to add to the proxy service. |
|
map[string]string |
Labels to add to the proxy service tasks. |
|
string |
Name of the proxy service. |
|
string |
Path in the service for the generated proxy configuration. |
|
unit |
Number or proxy service replicas. |
|
string |
Stop signal for the proxy service. For example, |
|
string |
Stop grace period for the proxy service in seconds. For example, |
|
[]string |
One or more constraints to use when scheduling the proxy service. Set
the variable to |
|
[]string |
One or more placement preferences to use when scheduling the proxy service. |
|
string |
Delay between rolling proxy container updates. |
|
string |
Name of the cluster that this extension serves. |
|
string ( |
Publish mode that the proxy service uses. |
|
int |
Port on which the proxy service serves non-SSL traffic. |
|
int |
Port on which the proxy service serves SSL traffic. |
|
int |
Docker configuration object that is used as the extension template. |
|
config |
Proxy configuration used by the extensions as described in this section. |
|
bool |
When set to |
|
config |
Name for the config service used by hitless service updates. For
example, |
|
config |
Name of the config service. This name is equivalent to
|
Proxy configuration¶
Options are available to the extensions, and the extensions use the options needed for proxy service configuration. This provides overrides to the extension configuration.
Because Interlock passes the extension configuration directly to the extension, each extension has different configuration options available.
The default proxy service used by MKE to provide layer 7 routing is NGINX. If users try to access a route that has not been configured, they will see the default NGINX 404 page.
You can customize this by labeling a service with
com.docker.lb.default_backend=true
. If users try to access a route that is
not configured, they will be redirected to the custom service.
For details, see Create a proxy service.
See also