Server configuration

The server configuration is a simple set of key and values.

The key/value configuration is namespaced with the following namespaces currently supported:

  • backups (backups configuration)
  • candid (Candid authentication integration)
  • cluster (cluster configuration)
  • core (core daemon configuration)
  • images (image configuration)
  • maas (MAAS integration)
  • rbac (Role Based Access Control integration)
Key Type Scope Default API extension Description
backups.compression_algorithm string global gzip backup_compression Compression algorithm to use for new images (bzip2, gzip, lzma, xz or none)
candid.api.key string global - candid_config_key Public key of the candid server (required for HTTP-only servers)
candid.api.url string global - candid_authentication URL of the the external authentication endpoint using Candid
candid.expiry integer global 3600 candid_config Candid macaroon expiry in seconds
candid.domains string global - candid_config Comma-separated list of allowed Candid domains (empty string means all domains are valid)
cluster.https_address string local - clustering_server_address Address the server should using for clustering traffic
cluster.offline_threshold integer global 20 clustering Number of seconds after which an unresponsive node is considered offline
cluster.images_minimal_replica integer global 3 clustering_image_replication Minimal numbers of cluster members with a copy of a particular image (set 1 for no replication, -1 for all members)
core.debug_address string local - pprof_http Address to bind the pprof debug server to (HTTP)
core.https_address string local - - Address to bind for the remote API (HTTPS)
core.https_allowed_credentials boolean global - - Whether to set Access-Control-Allow-Credentials http header value to "true"
core.https_allowed_headers string global - - Access-Control-Allow-Headers http header value
core.https_allowed_methods string global - - Access-Control-Allow-Methods http header value
core.https_allowed_origin string global - - Access-Control-Allow-Origin http header value
core.proxy_https string global - - https proxy to use, if any (falls back to HTTPS_PROXY environment variable)
core.proxy_http string global - - http proxy to use, if any (falls back to HTTP_PROXY environment variable)
core.proxy_ignore_hosts string global - - hosts which don't need the proxy for use (similar format to NO_PROXY, e.g. 1.2.3.4,1.2.3.5, falls back to NO_PROXY environment variable)
core.trust_password string global - - Password to be provided by clients to setup a trust
images.auto_update_cached boolean global true - Whether to automatically update any image that LXD caches
images.auto_update_interval integer global 6 - Interval in hours at which to look for update to cached images (0 disables it)
images.compression_algorithm string global gzip - Compression algorithm to use for new images (bzip2, gzip, lzma, xz or none)
images.remote_cache_expiry integer global 10 - Number of days after which an unused cached remote image will be flushed
maas.api.key string global - maas_network API key to manage MAAS
maas.api.url string global - maas_network URL of the MAAS server
maas.machine string local hostname maas_network Name of this LXD host in MAAS
rbac.agent.url string global - rbac The Candid agent url as provided during RBAC registration
rbac.agent.username string global - rbac The Candid agent username as provided during RBAC registration
rbac.agent.public_key string global - rbac The Candid agent public key as provided during RBAC registration
rbac.agent.private_key string global - rbac The Candid agent private key as provided during RBAC registration
rbac.api.expiry integer global - rbac RBAC macaroon expiry in seconds
rbac.api.key string global - rbac Public key of the RBAC server (required for HTTP-only servers)
rbac.api.url string global - rbac URL of the external RBAC server
storage.backups_volume string local - daemon_storage Volume to use to store the backup tarballs (syntax is POOL/VOLUME)
storage.images_volume string local - daemon_storage Volume to use to store the image tarballs (syntax is POOL/VOLUME)

Those keys can be set using the lxc tool with:

lxc config set <key> <value>

When operating as part of a cluster, the keys marked with a global scope will immediately be applied to all the cluster members. Those keys with a local scope must be set on a per member basis using the --target option of the command line tool.