Navigation :

Configuration

Overview

At startup, the n2svcd binary reads its static configuration from its configuration file. This defaults to /etc/n2svcd/n2svcd.xml, but may be changed using the --config command-line parameter. This file defines the configuration for all of the N2SVCD applications.

Example Configuration File

The following is an example N2SVCD configuration file with three applications configured.

<?xml version="1.0" encoding="utf-8"?>
<n2svcd multi="1" overloaded_poll_ms="100" overloaded_active_ms="500">
  <snmp enabled="1" host="localhost"/>
  <syslog enabled="1" ident="n2svcd"/>
  <statsd>
    <host>stats.mysite.com</host>
    <port>8125</port>
  </statsd>

  <applications>
    <application name="Manage" module="ManageApp">
      <include>
        <lib>../apps/manage/lib</lib>
      </include>
    </application>

    <application name="SIGTRAN" module="SigtranApp">
      <include>
        <lib>../apps/sigtran/lib</lib>
      </include>
      <parameters>
        <parameter name="opc" value="4112"/>
        <parameter name="ossn" value="10"/>
      </parameters>
      <config>
        <connections>
          <connection name="Loopback" type="loopback"/>
          <connection name="telco-slc01" type="sua" next_hop_pc="2058" traffic_mode="2">
            <remote_host>10.42.2.155</remote_host>
            <remote_port>14001</remote_port>
            <local_host>10.42.2.100</local_host>
            <local_port>15000</local_port>
          </connection>
        </connections>
        <routes>
          <route pc="4112" connection="Loopback"/>
          <route pc="2058" connection="telco-slc01"/>
        </routes>
      </config>
    </application>

    <application name="Tester" module="TesterApp">
      <include>
        <lib>../apps/tester/lib</lib>
      </include>
      <parameters>
        <parameter name="json_host" value="0.0.0.0"/>
        <parameter name="json_port" value="9009"/>
      </parameters>
    </application>
  </applications>
</n2svcd>

Parameters

The following top-level elements/attributes are supported.

Attribute	Type	Description
`nodename`	String	The node name of record for the purpose of generating instance IDs and the construction of EDR filenames. (Default = determined from the hostname)
`multi`	Integer	Set this to `1` to enable multi-process service daemon, `0` to disable. The command-line flags `--multi` or `--no-multi` will override the configuration file value. (Default = `0`, use single-process service daemon)
`overloaded_poll_ms`	Integer	Set this to override the global default warning threshold ms before a warning is generated for an overloaded non active app. (Default = `100` ms)
`overloaded_active_ms`	Integer	Set this to override the global default warning threshold ms before a warning is generated for an overloaded active app. (Default = `500` ms)
`syslog`	Object	Container for Syslog configuration.
`snmp`	Object	Container for SNMP trap configuration.
`statsd`	Object	Container for StatsD statistics relay configuration.
`polling`	Object	Container for polling configuration.
`applications`	Array	Container for one or more Applications.
`.application`	Object	Container for a single configured Application running within the Service Daemon. Refer to the specific Application configuration documentation for the additional configuration for each Application.
`virtuals`	Array	Container for one or more user-defined Virtual Application pools.
`.virtual`	Object	Container for a user-defined Virtual Application Pool. Each virtual application pool is a simple list of one or more application config names.

Syslog Configuration

The syslog top-level configuration Object defines the configuration for writing to the Linux Syslog. By default, Syslog writing is disabled. Only Events (NOTICE or WARNING) or Alarms (ALARM or CLEAR) will ever be written to the Syslog.

DEBUG, DUMP and SPAM is never written to the Syslog.

The syslog configuration object supports the following attributes:

Attribute	Type	Description
`enabled`	Integer	Set this to `1` to enable writing to the Linux Syslog, `0` to disable. (Default = `0`, do not write to the Linux Syslog)
`ident`	String	The application Ident value written to every Syslog record. (Default = Main Program name, typically `n2svcd`)
`pid`	Integer	Specify `1` to include PID in Syslog records, `0` to exclude PID. (Default = `1`, include PID in Syslog records)

SNMP Trap Configuration

The snmp top-level configuration Object defines the configuration for sending Event and Alarm traps to an SNMP trap daemon. By default, SNMP trap delivery is disabled.

Only Events (NOTICE or WARNING) or Alarms (ALARM or CLEAR) will ever be delivered as SNMP traps. DEBUG, DUMP and SPAM are never written as an SNMP trap.

Refer to the Alarms section for more detail regarding the SNMP trap fields.

If one or more SNMP Applications are specified and the SNMP version is 3, those applications will be used to deliver SNMP traps. If the version is 2 or SNMP applications are not configured and specified within the snmp section, SNMP traps will be sent directly from each component as required. In both cases, the snmp top-level configuration is used unless overridden by application-specific parameters.

Note that:

All SNMP traps are only sent over UDP.
The only security model supported for SNMP v3 is USM.

An example configuration might be:

<?xml version="1.0" encoding="utf-8"?>
<n2svcd multi="1">
    ...
    <snmp enabled="1" version="3">
        <auth_username>user1</auth_username>
        <auth_alg>md5</auth_alg>
        <auth_key>0183c5b0eefb85b6dd3181a787219bc5</auth_key>
        <privacy_alg>des</privacy_alg>
        <privacy_key>0183c5b0eefb85b6dd3181a787219bc5</privacy_key>
  	</snmp>
  	...
</n2svcd>

The available configuration for SNMP traps depends on the version selected. All SNMP configuration items may be set as N2SVCD evaluated parameters.

Common SNMP Trap Configuration

The snmp configuration object supports the following attributes for all SNMP versions:

Attribute	Type	Description
`enabled`	Boolean	Set this to a truthy value to enable delivery of SNMP traps. (Default = false, do not deliver SNMP traps)
`version`	Integer	The SNMP version to use. Valid values are `2` for SNMP v2c or `3` for SNMP v3. (Default = `2`)
`host`	String	The name or IPv4 address of the host to receive SNMP traps. Only one host may be specified. Typically, this is a local `snmptrapd` instance, which can be configured to forward traps to one or more remote SNMP destinations. (Default = `localhost`)
`port`	Integer	The UDP port number for the SNMP trap daemon to deliver to. (Default = `162`)
`location`	String	The system location, as per RFC 3418. Only used for non-application traps. (Default = hostname)
`send_alarms`	Boolean	Whether to send SNMP Alarms, i.e. ERROR- and CLEAR-level SNMP traps. When truthy, SNMP Alarms will be sent if `enabled` is also truthy. (Default = true, deliver SNMP ERROR and CLEAR alarm traps)
`send_events`	Boolean	Whether to send SNMP Events, i.e. NOTICE- and WARNING-level SNMP traps. When truthy, SNMP Events will be sent if `enabled` is also truthy. _(Default = true, deliver SNMP NOTICE and WARNING alarm traps)

SNMP v2 Trap Configuration

The snmp configuration object supports the following additional attributes for SNMP v2:

Attribute	Type	Description
`community`	String	The SNMP community string to use. (Default = `n2svcd`)

SNMP v3 Trap Configuration

The snmp configuration object supports the following additional attributes for SNMP v3:

Attribute	Type	Description
`snmp_apps`	String	A comma-separated list of SNMP Application names (as configured) to use for proxying SNMP traps. Each item in the list will be sent every trap.
`auth_id_literal`	Integer	A hexadecimal string representing an encoded SMNP engine IDs to be used as the authoritative engine ID. If set, all other SNMP authoritative engine ID fields will be ignored and all applications will use the same ID. (Default = generated based on other options)
`auth_id_iana_pen`	Integer	The IANA Private Enterprise Number to use for authoritative SMNP engine IDs. (Default = `56540`)
`auth_id_v3_format`	Boolean	Whether to use SNMP v3 format for authoritative SNMP engine IDs as per RFC 3411. (Default = true, use SMNP v3 format)
`auth_id_value_format`	Integer	The format for the authoritative SNMP engine ID value as per RFC 3411. Only applicable when `id_v3_format` is true. (Default = `4`, administratively-assigned text)
`auth_id_value`	String	The authoritative SNMP engine ID value to use for all applications. Length is limited to 27 when `id_v3_format` is true and 12 otherwise as per RFC 3411 and will have its prefix truncated if necessary. Note that if this is specified, all applications will use the same ID. (Default = `<hostname>.<app_name>`)
`auth_id_value_as_text`	Boolean	Whether the `id_value` should be treated as text. If true, the `id_value` will be encoded to hexadecimal) for use within the authoritative SNMP engine ID. Otherwise, the value must be a hexadecimal string and will be treated as such. (Default = true when `id_value_format` is `4`, otherwise false)
`context_id_literal`	Integer	As for `auth_id_literal` but for the context SNMP engine ID
`context_id_iana_pen`	Integer	As for `auth_id_iana_pen` but for the context SNMP engine ID
`context_id_v3_format`	Boolean	As for `auth_id_v3_format` but for the context SNMP engine ID
`context_id_value_format`	Integer	As for `auth_id_value_format` but for the context SNMP engine ID
`context_id_value`	String	As for `auth_id_value` but for the context SNMP engine ID
`context_id_value_as_text`	Boolean	As for `auth_id_value_as_text` but for the context SNMP engine ID
`engine_data_file_base`	String	The path and name of the file to store the data file containing the non-volatile SNMP v3 engine data for the authoritative SMNP engine ID. Will have the internal application name appended to the filename. _(Default = `/var/tmp/n2svcd-snmp-engine-data`)
`context_name`	String	The SNMP v3 context name to use. _(Default = `n2svcd`)
`auth_username`	String	The username to use for SNMP v3 USM authentication. Required if `auth_password` is specified. (Default = do not use USM username)
`auth_password`	String	The plaintext password to use for SNMP v3 USM authentication. Will be localised according to RFC 3414 using the `auth_alg` before use. Mutually exclusive with `auth_key`. (Default = do not use USM authentication)
`auth_key`	String	The pregenerated localised key to use for SNMP v3 USM authentication. Mutually exclusive with `auth_password`. (Default = do not use USM authentication)
`auth_alg`	String	The hashing algorithm to use for SNMP v3 USM authentication and key localisation. Only applicable if `auth_username` and `auth_password`/`auth_key` are specified. Valid options are `md5` for MD5 hashing or any of `sha1`, `sha224`, `sha256`, `sha384`, or `sha512` for SHA hashing. (Default = `sha1`)
`privacy_password`	String	The plaintext password to use for SNMP v3 privacy encryption. Will be localised according to RFC 3414 using the `auth_alg` before use and then repeated and/or truncated as necessary to meet the `privacy_alg` key length requirements. Mutually exclusive with `privacy_key`. (Default = do not use USM privacy encryption)
`privacy_key`	String	The pregenerated localised key to use for SNMP v3 privacy encryption. The key length must align with the `privacy_alg` key length requirements. Mutually exclusive with `privacy_password`. (Default = do not use USM privacy encryption)
`privacy_alg`	String	The encryption algorithm to use for SNMP v3 USM privacy. Only applicable if `privacy_key`/`privacy_password` are specified. Valid options are `des` or `aes`. These algorithms both require a localised key length of `16` characters. (Default = `aes`)

Note that:

The required privacy_key length is 16 characters (128 bits) for DES encryption rather than the usual 8 characters (64 bits). This is due to the requirements for encryption given in RFC 3114.
Using auth_password or privacy_password is not allowable for strict compliance with RFC 3414. The N2SVCD system will therefore issue notices at startup giving the localised keys that can be used instead for auth_key and privacy_key, respectively.
Each comma-separated snmp_apps value is treated as an independent parameter for N2SVCD evaluated parameter lookups.

SNMP v3 Engine IDs

When SNMP v3 is used, each N2SVCD application (including instances of repeated applications) identifies itself with an SNMP engine ID when sending SNMP traps, either as an authoritative engine (at the message layer) or as a context engine (within the message PDU).

SNMP engine IDs are generated in the following manner, depending on configuration:

If id_literal is configured, the entire SNMP engine ID is set using it and no other configuration applies.
The first four octets are set by the id_iana_pem value.
The first bit is set by id_v3_format as either 1 or 0.
If id_v3_format is true, the fifth octet is set according to id_value_format.
The remaining octets are set according to id_value. If no explicit configuration exists for this parameter, the format used is as follows:

<hostname>.<configured application name[:application iteration]>

Note that:

The application iteration will only be present if the application is repeated.
The hostname and the application name will be trimmed from the front in order to fit the length requirements of RFC 3411.
Only the ID value format 4 (text) will be treated as text when encoded. Other values must ensure that the configured value is a hexadecimal string.

As an example, given the following configured values:

iana_pen => (not set)
id_v3_format => true
id_value_format => 4
id_value => Fred

… the generated SNMP engine ID would be 80:00:DC:DC:04:46:72:65:64 (colons added for legibility), where:

80:00:DC:DC contains the default IANA PEN 56540 with the first bit set,
04 sets the value format as “text”, and
46:72:65:64 is the encoding of the ID value.

Note that with this configuration, the maximum allowable ID value length would be 27.

Refer to RFC 3411 for full details of SNMP engine ID formats and their usage within SNMP messages.

Polling Configuration

The polling top-level configuration Object is used to override the default timer loop settings for the polling logic. These settings will apply to all applications running within this n2svcd instance. Reducing the polling rest and sleep timers will increase application responsiveness at the cost of extra CPU usage.

The polling configuration object supports the following attributes:

`rest_ms`	Integer	The number of millseconds to pause between polling loops when the application has recently finished performing work. A lower value will improve response time under moderate load, but will increase CPU usage under light load. (Default = `5` milliseconds)
`sleep_ms`	Integer	The number of millseconds to sleep between polling loops when the application has not performed any activity for several rests. A lower value will improve response time under light load, but will increase CPU usage under light load. (Default = `20` milliseconds)
`rests_before_sleep`	Integer	The number of short "rest" periods that must elapse without activity before each application performs longer "sleep" periods. A higher value will improve response time under moderate load, but will increase the CPU usage under light load. (Default = `100` rests before sleep)

Application Configuration

The applications.application configuration object is used to define Real Applications. These Real Applications perform all of the work within n2svcd.

Each application object has its own class-specific configuration structure which is described in the separate, dedicated configuration page for that Application. However, there are some common attributes for each Application, as described here.

Note that there is a special case for the WatchdogApp. If you do not define an application instance of WatchdogApp in the applications list, then one will be created automatically.

Attribute	Type	Description
`disabled`	True = `t` / `true` / `y` / `yes` / `on` / `1` False = Any Other Value	Convenience flag for disabling applications when testing. If this attribute is present and set to a "True" value, the application is disabled and ignored. (Default = `0`, application is not disabled)
`enabled`	`0` / `1` / `yes` / `no`	Convenience flag for disabling applications when testing. If this attribute is present and set to a not "True" value, the application is disabled and ignored. (Default = `1`, application is not disabled)
`name`	String	[Required] A unique name for this application instance. This may include only the characters `[a-z0-9 _\-]`.
`priority`	`primary` / `standby` / `fallback` / `disaster`	Adjusts the relative priority of applications e.g. when choosing among Database Apps, REST Client Apps, or other service apps which may be instantiated more than once. (Default = `primary`)
`module`	String	[Required] Value defines which Application class will be loaded.
`include`	Array	Array of library class paths to pre-load when instantiating the Application class.
`.lib`	String	[Required] Relative or Absolute directory path in which the Application class is found.
`parameters`	Array	Array of parameter configuration to configure the Application.
`.parameter`	Object	A parameter to be passed to the Application at configuration time.
`.name`	String	[Required] Name of the Application parameter. See per-Application class documentation.
`.value`	String	The parameter configuration value which will be passed to all Application instances, unless overridded using a per-instance `value-<idx>` override. This value may specified indirectly via an environment variable `${VARNAME}` or a shell command `command`.
`.value-<idx>`	String	A parameter value specific to a single instance of a repeated Application. The first application override value key is `value-0`. See notes below concerning Repeated Applications.
`repeat`	Integer	Number of instances of this Application to construct. (Default = `1`)
`user_alloc`	Integer	Number of bytes in the "User Message" inter-application IPC receive queue. Applications operating under heavy load may require an explicitly higher value. A suffix of `k` or `m` indicates Kilobytes or Megabytes. Otherwise value is bytes. (Default = `1m`)
`admin_alloc`	Integer	Number of bytes in the "Admin Message" inter-application IPC receive queue. Complex Applications may require an explicitly higher value. A suffix of `k` or `m` indicates Kilobytes or Megabytes. Otherwise value is bytes. The ManageApp may require an explicitly higher value. (Default = `128k`)

Repeating Applications

The repeat attribute is a mechanism by which load-sharing can be easily configured when running n2svcd in multi-process mode on suitable hardware.

An application configured with repeat will result in the creation of multiple Real Application instances, each with a name formed by appending :0, :1, etc. onto the given name. The given name will then be instantiated as a Virtual Application Pool which maps to all of the multiple configuration names (each with one or more real applications).

e.g. When configured with name = Scripter and repeat = 2 then the following will be created:

A Real Application Scripter:0.
A Real Application Scripter:1.
A Virtual Application Scripter which load-shares across Scripter:0, Scripter:1.

Note that in all cases, non-repeated applications will be internally referred to with the suffix :0.

To configure separate parameters.parameter values for different repeated application instances, use the value-<idx> syntax.

The following example configuration creates three instances of RealApp1 with port numbers 4601, 4602, and 4603 respectively. Note that indexes are zero-based.

<n2svcd>
  <applications>
    <application name="RealApp1" repeat="3">
      ...
      <parameters>
        <parameter name="PortNumber" value="4601">
          <value-1>4602</value-1>
          <value-2>4603</value-2>
        </parameter>
      </parameters>
    </application>
  </applications>
</n2svcd>

Note that if n2svcd is running in the default single-process mode then there will be no performance gain by creating multiple Application instances.

Applications which need exclusive access to a single resource (such as a single local server port number) are not obvious candidates for multiple instances.

Evaluated Parameters

The value or value-<idx> for a <parameter> entry in an application may be specified as the value of an environment variable by wrapping the environment variable name in ${ and }. For example, <parameter="local_ip" value="${PRIMARY_IP}"/> indicates that the parameter value for local_ip is value of the Unix environment variable PRIMARY_IP.

Alternatively, a value or value-<idx> wrapped in backticks `` indicates a Unix command shell that should be executed, and the returned STDOUT/STDERR value is the value of the parameter. For example, <parameter=“local_ip” value="`hostname -s`"/> indicates that the parameter value for local_ip is the result of executing the Unix command `hostname -s`.

Note that this command will be run as the unix user who is executing n2svcd. Hence the configuration file n2svcd.xml must be secured appropriately against write-access to avoid a privilege-elevation security breach.

Virtual Application Pool Configuration

A Virtual Application Pool definition is a mechanism by which more then one Config Name can be grouped into a shared resource pool for the purpose of load-sharing/failover.

a. You have multiple services but they need slightly different config, so you are going to use different configuration (two different config name pools), but you then want to combine them all as a single pool for load-sharing/failover.

b. You have two pairs of real application processes and sometimes you want to share/fail among a pair, and sometimes you want to share/fail among all four.

As described above, the repeat attribute on the application configuration object creates a load-sharing/failover pool across multiple real-processes for a single config-name. A virtual application configuration simply groups multiple config-name entries into a single virtual pool as a collective load-sharing/failover application label.

<n2svcd>
  <virtuals>
    <virtual name="VirtualApp">
      <applications>
        <application name="ConfigName1"/>
        <application name="ConfigName2"/>
      </applications>
    </virtual>
  </virtuals>

  <applications>
    <application name="ConfigName1">
      ...
    </application>

    <application name="ConfigName2">
      ...
    </application>
  </applications>
</n2svcd>

Each virtual configuration Object supports the following attributes:

Attribute	Type	Description
`name`	String	[Required] Name for your Virtual Application Pool. Must not conflict with any other defined Real or Virtual Application Pool name.
`applications`	Array	Array of Real Applications.
`.application`	Object	Entry for an application mapping, identifying an application which is a member of this virtual pool.
`.name`	String	[Required] The "config name" of the application which is included in this pool. This value must be a "config name" of an application, i.e. the value of the `name` element of the `<application>` which is to be included in this pool. Any application config name can belong to more than one virtual application pool.

Application Loadshare & Failover

Both the “Repeated Real Applications” and the “Virtual Application Pool Configuration” provide a mechanism by which a single application label maps to one or more “real applications” for the purpose of accepting internal messages containing information for processing.

When one application wishes to invoke another application for a task, it does so by sending a message over the Inter Process Communication (IPC) mechanism under which n2svcd is running, which may be either single-process objects (IPC = none) shared memory (IPC = shm) or TCP sockets (IPC = sockets).

The sending application must be configured with an application label, which is either:

A specific “config name” matching an <application name="???"…/> label, or
A “virtual name” associated with a virtual pool of “config name” values as above.

The sending application will then request a “handle” for the label. The n2svcd framework will consider all of the real applications which are associated with the label. The determination of the real applications associated with each application config name (or virtual pool of config names) is a discovery task performed at application startup, as part of the application’s “prepare” phase. In a dynamic environment like kubernetes, each application may periodically re-perform discovery.

When a hangle is requested, the sending application will consider all of the known “real” applications associated with the requested application label, and will chose the “best” real application to perform the processing. This determination is made by considering the availability of the real applications.

There are four different “availability” factors to consider in this comparison - Priority, Access, Load Percentage, and Loading Indicator.

Priority

Every real application has a priority which is one of:

[0] DISASTER
[1] FALLBACK
[2] STANDBY
[3] PRIMARY (default)

This is a static parameter configured by the priority attribute on the <application> definition element. It may also be changed at run-time via the GUI.

Access

Every real application has an access indicator which is one of:

[0] SHUTDOWN
[1] OFFLINE
[2] QUIESCING
[3] ONLINE

This is set dynamically. Each application is responsible for monitoring the state of its external connections and its internal processing capabilities, and regularly notifying other applications (via the IPC shared memory area) the access which it can offer for processing requests. This allows the other applications to make sensible preference decisions for the purpose of load-balancing and failover.

Loading

Every real application which offers a processing service to other applications is responsible to monitor its own processing load, and should notify other applications of the up-to-date status using the two loading parameters which are published to other applications via the IPC shared memory area.

The two load-related parameters are:

The Load Percentage (of maximum).
The Loading Indicator.

The load percentage is an integer values from 0 to 100. The extreme values should be used strictly:

An application should only notify 0% load when the load is absolutely zero.
An application should only notify 100% load when the load is at the absolute maximum and additional requests are expected to fail.

In all other cases, values in the range 1 through 99 should be used. E.g. 0.2% load should be reported as 1% not 0%, and 99.6% backlog should be reported as 99% backlog, not 100%.

Each application will define its own criteria for computing percentage. This will typically consider the number of connections, the number of simultaneous outstanding requests permitted per connection, or the number of running instances or sessions, or a limit of transactions initiated per second. This percentage should also be adjusted to allow for any internal backlog/queuing capability.

The loading indicator is one of:

[0] NORMAL
[1] HIGH
[2] OVERLOAD

A loading indicator of HIGH is set when the loading percentage has reached the configured value as per the high_load_pc application configuration parameter.

A loading indicator of OVERLOAD is set when an application is forced to discard inbound processing requests because it has reached a pre-set sizing limit or timeout parameter.

If an application loading indicator is marked as HIGH or OVERLOAD loading then that indicator will continue to report HIGH or OVERLOAD for as long as the corresponding alarm is active, being the number of seconds as configured for the alarm_clear_secs application configuration parameter after the associated loading condition has actually ended.

Application Preference

The following selection logic is used when selecting preference among applications for processing a new request.

New sessions will only be created towards Applications with access ONLINE.
When two applications have the same priority, the lowest load is preffered.
When two applications have the same priority and both have 100% load, the lowest backlog is preferred.
Otherwise, the following priority/load/backlog combinations are preferred in descending order.

Priority	Loading	Note
`PRIMARY`	`NORMAL`
`STANDBY`	`NORMAL`	Standby is a load-backup which activates once the primary hits full load.
`PRIMARY`	`HIGH < 100%`
`STANDBY`	`HIGH < 100%`
`FALLBACK`	`NORMAL`	Fallback is a load-backup which activates once the primary and standby hits high load.
`FALLBACK`	`HIGH < 100%`
`PRIMARY`	`OVERLOAD or >= 100%`
`STANDBY`	`OVERLOAD or >= 100%`
`FALLBACK`	`OVERLOAD or >= 100%`
`DISASTER`	(any)	Disaster is only used when all other higher priorities have access which is not `ONLINE`.