types.zeek

Cluster

Namespace:: Cluster

Summary

Redefinable Options

`Cluster::default_websocket_max_event_queue_size`: `count` `&redef`	The default maximum queue size for WebSocket event dispatcher instances.
`Cluster::default_websocket_ping_interval`: `interval` `&redef`	The default ping interval for WebSocket clients.

Types

`Cluster::EndpointInfo`: `record`	Information about a WebSocket endpoint.
`Cluster::Event`: `record`	An event instance for cluster pub/sub.
`Cluster::NamedNode`: `record`	Record to represent a cluster node including its name.
`Cluster::NetworkInfo`: `record`	Network information of an endpoint.
`Cluster::Node`: `record`	Record type to indicate a node in a cluster.
`Cluster::NodeType`: `enum`	Types of nodes that are allowed to participate in the cluster configuration.
`Cluster::WebSocketServerOptions`: `record`	WebSocket server options to pass to `Cluster::listen_websocket`.
`Cluster::WebSocketTLSOptions`: `record`	The TLS options for a WebSocket server.

Detailed Interface

Redefinable Options

Cluster::default_websocket_max_event_queue_size 

Type:: count
Attributes:: &redef
Default:: 32

The default maximum queue size for WebSocket event dispatcher instances.

If the maximum queue size is reached, events from external WebSocket clients will be stalled and processed once the queue has been drained.

An internal metric named cluster_onloop_queue_stalls and labeled with a WebSocketEventDispatcher:<host>:<port> tag is incremented when the maximum queue size is reached.

Cluster::default_websocket_ping_interval 

Type:: interval
Attributes:: &redef
Default:: 5.0 secs

The default ping interval for WebSocket clients.

Types

Cluster::EndpointInfo 

Type:

record

Fields:

id: string

network: Cluster::NetworkInfo

application_name: string &optional: The value of the X-Application-Name HTTP header, if any.

Information about a WebSocket endpoint.

Cluster::Event 

Type:

record

Fields:

ev: any: The event handler to be invoked on the remote node.

args: vector of any: The arguments for the event.

An event instance for cluster pub/sub.

See Cluster::publish and Cluster::make_event.

Cluster::NamedNode 

Type:

record

Fields:

name: string

node: Cluster::Node

Record to represent a cluster node including its name.

Cluster::NetworkInfo 

Type:

record

Fields:

address: string: The IP address or hostname where the endpoint listens.

bound_port: port: The port where the endpoint is bound to.

Network information of an endpoint.

Cluster::Node 

Type:

record

Fields:

node_type: Cluster::NodeType: Identifies the type of cluster node in this node’s configuration.

ip: addr: The IP address of the cluster node.

zone_id: string &default = "" &optional: If the ip field is a non-global IPv6 address, this field can specify a particular RFC 4007 zone_id.

p: port &default = 0/unknown &optional: The port that this node will listen on for peer connections. A value of 0/unknown means the node is not pre-configured to listen.

manager: string &optional: Name of the manager node this node uses. For workers and proxies.

id: string &optional: A unique identifier assigned to the node by the broker framework. This field is only set while a node is connected.

metrics_port: port &optional: The port used to expose metrics to Prometheus. Setting this in a cluster configuration will override the setting for Telemetry::metrics_port for the node.

Record type to indicate a node in a cluster.

Cluster::NodeType 

Type:

enum

Cluster::NONE: A dummy node type indicating the local node is not operating within a cluster.

Cluster::CONTROL: A node type which is allowed to view/manipulate the configuration of other nodes in the cluster.

Cluster::LOGGER: A node type responsible for log management.

Cluster::MANAGER: A node type responsible for policy management.

Cluster::PROXY: A node type for relaying worker node communication and synchronizing worker node state.

Cluster::WORKER: The node type doing all the actual traffic analysis.

Types of nodes that are allowed to participate in the cluster configuration.

Cluster::WebSocketServerOptions 

Type:

record

Fields:

listen_addr: addr &optional: The address to listen on, cannot be used together with listen_host.

listen_port: port: The port the WebSocket server is supposed to listen on.

max_event_queue_size: count &default = Cluster::default_websocket_max_event_queue_size &optional: The maximum event queue size for this server.

ping_interval: interval &default = Cluster::default_websocket_ping_interval &optional: Ping interval to use. A WebSocket client not responding to the pings will be disconnected. Set to a negative value to disable pings. Subsecond intervals are currently not supported.

tls_options: Cluster::WebSocketTLSOptions &default = ... &optional: The TLS options used for this WebSocket server. By default, TLS is disabled. See also Cluster::WebSocketTLSOptions.

WebSocket server options to pass to Cluster::listen_websocket.

Cluster::WebSocketTLSOptions 

Type:

record

Fields:

cert_file: string &optional: The cert file to use.

key_file: string &optional: The key file to use.

enable_peer_verification: bool &default = F &optional: Expect peers to send client certificates.

ca_file: string &default = "" &optional: The CA certificate or CA bundle used for peer verification. Empty will use the implementations’s default when enable_peer_verification is T.

ciphers: string &default = "" &optional: The ciphers to use. Empty will use the implementation’s defaults.

The TLS options for a WebSocket server.

If cert_file and key_file are set, TLS is enabled. If both are unset, TLS is disabled. Any other combination is an error.