diff options
Diffstat (limited to 'docs/configuration')
-rw-r--r-- | docs/configuration/system/eventhandler.rst | 9 | ||||
-rw-r--r-- | docs/configuration/system/flow-accounting.rst | 3 | ||||
-rw-r--r-- | docs/configuration/system/login.rst | 12 | ||||
-rw-r--r-- | docs/configuration/system/name-server.rst | 2 | ||||
-rw-r--r-- | docs/configuration/system/option.rst | 24 | ||||
-rw-r--r-- | docs/configuration/system/syslog.rst | 103 |
6 files changed, 87 insertions, 66 deletions
diff --git a/docs/configuration/system/eventhandler.rst b/docs/configuration/system/eventhandler.rst index a68b3924..3eab4e2c 100644 --- a/docs/configuration/system/eventhandler.rst +++ b/docs/configuration/system/eventhandler.rst @@ -3,9 +3,11 @@ Event Handler ------------- -Event handler allows you to execute scripts when a string that matches a regex appears in a text stream (e.g. log file). +Event handler allows you to execute scripts when a string that matches a regex +appears in a text stream (e.g. log file). -It uses "feeds" (output of commands, or a named pipes) and "policies" that define what to execute if a regex is matched. +It uses "feeds" (output of commands, or a named pipes) and "policies" that +define what to execute if a regex is matched. .. code-block:: none @@ -27,7 +29,8 @@ It uses "feeds" (output of commands, or a named pipes) and "policies" that defin pattern <regex> run <command to run> -In this small example a script runs every time a login failed and an interface goes down +In this small example a script runs every time a login failed and an interface +goes down .. code-block:: none diff --git a/docs/configuration/system/flow-accounting.rst b/docs/configuration/system/flow-accounting.rst index f09c1c9a..5bc737d6 100644 --- a/docs/configuration/system/flow-accounting.rst +++ b/docs/configuration/system/flow-accounting.rst @@ -121,7 +121,8 @@ NetFlow Per default every packet is sampled (that is, the sampling rate is 1). -.. cfgcmd:: set system flow-accounting netflow timeout expiry-interval <interval> +.. cfgcmd:: set system flow-accounting netflow timeout expiry-interval + <interval> Specifies the interval at which Netflow data will be sent to a collector. As per default, Netflow data will be sent every 60 seconds. diff --git a/docs/configuration/system/login.rst b/docs/configuration/system/login.rst index 6d89735f..0492f4d1 100644 --- a/docs/configuration/system/login.rst +++ b/docs/configuration/system/login.rst @@ -19,13 +19,15 @@ Local Create new system user with username `<name>` and real-name specified by `<string>`. -.. cfgcmd:: set system login user <name> authentication plaintext-password <password> +.. cfgcmd:: set system login user <name> authentication plaintext-password + <password> Specify the plaintext password user by user `<name>` on this system. The plaintext password will be automatically transferred into a secure hashed password and not saved anywhere in plaintext. -.. cfgcmd:: set system login user <name> authentication encrypted-password <password> +.. cfgcmd:: set system login user <name> authentication encrypted-password + <password> Setup encrypted password for given username. This is useful for transferring a hashed password from system to system. @@ -50,12 +52,14 @@ and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference. -.. cfgcmd:: set system login user <username> authentication public-keys <identifier> key <key> +.. cfgcmd:: set system login user <username> authentication public-keys + <identifier> key <key> Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`. -.. cfgcmd:: set system login user <username> authentication public-keys <identifier> type <type> +.. cfgcmd:: set system login user <username> authentication public-keys + <identifier> type <type> Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of: diff --git a/docs/configuration/system/name-server.rst b/docs/configuration/system/name-server.rst index 59cfdb5d..1896eeda 100644 --- a/docs/configuration/system/name-server.rst +++ b/docs/configuration/system/name-server.rst @@ -28,6 +28,7 @@ Example In this example, some *OpenNIC* servers are used, two IPv4 addresses and two IPv6 addresses: +.. stop_vyoslinter .. code-block:: none @@ -36,6 +37,7 @@ and two IPv6 addresses: set system name-server 2a01:4f8:161:3441::1 set system name-server 2a00:f826:8:2::195 +.. start_vyoslinter Domain search order =================== diff --git a/docs/configuration/system/option.rst b/docs/configuration/system/option.rst index e7661492..e029ec96 100644 --- a/docs/configuration/system/option.rst +++ b/docs/configuration/system/option.rst @@ -1,8 +1,8 @@ .. _system_option: -####### -Options -####### +###### +Option +###### This chapter describe the possibilities of advanced system behavior. @@ -36,7 +36,8 @@ HTTP client Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations. -.. note:: `source-address` and `source-interface` can not be used at the same time. +.. note:: `source-address` and `source-interface` can not be used at the same + time. *************** Keyboard Layout @@ -69,15 +70,20 @@ earlier to pin certain interrupt handlers to specific CPUs. We now utilize `tuned` for dynamic resource balancing based on profiles. - .. seealso:: https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf +.. stop_vyoslinter + +.. seealso:: https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf + +.. start_vyoslinter .. cfgcmd:: set system option performance < throughput | latency > Configure one of the predefined system performance profiles. * ``throughput``: A server profile focused on improving network throughput. - This profile favors performance over power savings by setting ``intel_pstate`` - and ``max_perf_pct=100`` and increasing kernel network buffer sizes. + This profile favors performance over power savings by setting + ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network + buffer sizes. It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, @@ -85,8 +91,8 @@ We now utilize `tuned` for dynamic resource balancing based on profiles. 40%. * ``latency``: A server profile focused on lowering network latency. - This profile favors performance over power savings by setting ``intel_pstate`` - and ``min_perf_pct=100``. + This profile favors performance over power savings by setting + ``intel_pstate`` and ``min_perf_pct=100``. It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a diff --git a/docs/configuration/system/syslog.rst b/docs/configuration/system/syslog.rst index 3449c15b..a4d641b5 100644 --- a/docs/configuration/system/syslog.rst +++ b/docs/configuration/system/syslog.rst @@ -22,9 +22,9 @@ Console .. cfgcmd:: set system syslog console facility <keyword> level <keyword> -Log syslog messages to ``/dev/console``, for an explanation on -:ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords -see tables below. + Log syslog messages to ``/dev/console``, for an explanation on + :ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords + see tables below. Custom File @@ -32,20 +32,21 @@ Custom File .. cfgcmd:: set system syslog file <filename> facility <keyword> level <keyword> -Log syslog messages to file specified via `<filename>`, for en explanation on -:ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords see -tables below. + Log syslog messages to file specified via `<filename>`, for en explanation on + :ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords + see tables below. .. cfgcmd:: set system syslog file <filename> archive size <size> -Syslog will write `<size>` kilobytes into the file specified by `<filename>`. -After this limit has been reached, the custom file is "rotated" by logrotate -and a new custom file is created. + Syslog will write `<size>` kilobytes into the file specified by `<filename>`. + After this limit has been reached, the custom file is "rotated" by logrotate + and a new custom file is created. .. cfgcmd:: set system syslog file <filename> archive file <number> -Syslog uses logrotate to rotate logiles after a number of gives bytes. We keep -as many as `<number>` rotated file before they are deleted on the system. + Syslog uses logrotate to rotate logiles after a number of gives bytes. + We keep as many as `<number>` rotated file before they are deleted on the + system. Remote Host @@ -59,16 +60,17 @@ sending the messages via port 514/UDP. .. cfgcmd:: set system syslog host <address> facility <keyword> level <keyword> -Log syslog messages to remote host specified by `<address>`. The address can be -specified by either FQDN or IP address. For en explanation on -:ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords see -tables below. + Log syslog messages to remote host specified by `<address>`. The address + can be specified by either FQDN or IP address. For en explanation on + :ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` + keywords see tables below. -.. cfgcmd:: set system syslog host <address> facility <keyword> protocol <udp|tcp> +.. cfgcmd:: set system syslog host <address> facility <keyword> protocol + <udp|tcp> -Configure protocol used for communication to remote syslog host. This can be -either UDP or TCP. + Configure protocol used for communication to remote syslog host. This can be + either UDP or TCP. Local User Account @@ -76,11 +78,11 @@ Local User Account .. cfgcmd:: set system syslog user <username> facility <keyword> level <keyword> -If logging to a local user account is configured, all defined log messages are -display on the console if the local user is logged in, if the user is not -logged in, no messages are being displayed. For en explanation on -:ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords see -tables below. + If logging to a local user account is configured, all defined log messages + are display on the console if the local user is logged in, if the user is not + logged in, no messages are being displayed. For en explanation on + :ref:`syslog_facilities` keywords and :ref:`syslog_severity_level` keywords + see tables below. .. _syslog_facilities: @@ -191,36 +193,39 @@ Display Logs .. opcmd:: show log [all | authorization | cluster | conntrack-sync | ...] -Display log files of given category on the console. Use tab completion to get -a list of available categories. Thos categories could be: all, authorization, -cluster, conntrack-sync, dhcp, directory, dns, file, firewall, https, image -lldp, nat, openvpn, snmp, tail, vpn, vrrp + Display log files of given category on the console. Use tab completion to get + a list of available categories. Thos categories could be: all, authorization, + cluster, conntrack-sync, dhcp, directory, dns, file, firewall, https, image + lldp, nat, openvpn, snmp, tail, vpn, vrrp If no option is specified, this defaults to `all`. -.. opcmd:: show log image <name> [all | authorization | directory | file <file name> | tail <lines>] - -Log messages from a specified image can be displayed on the console. Details of -allowed parameters: - -.. list-table:: - :widths: 25 75 - :header-rows: 0 - - * - all - - Display contents of all master log files of the specified image - * - authorization - - Display all authorization attempts of the specified image - * - directory - - Display list of all user-defined log files of the specified image - * - file <file name> - - Display contents of a specified user-defined log file of the specified image - * - tail - - Display last lines of the system log of the specified image - * - <lines> - - Number of lines to be displayed, default 10 +.. opcmd:: show log image <name> + [all | authorization | directory | file <file name> | tail <lines>] + + Log messages from a specified image can be displayed on the console. Details + of allowed parameters: + + .. list-table:: + :widths: 25 75 + :header-rows: 0 + + * - all + - Display contents of all master log files of the specified image + * - authorization + - Display all authorization attempts of the specified image + * - directory + - Display list of all user-defined log files of the specified image + * - file <file name> + - Display contents of a specified user-defined log file of the specified + image + * - tail + - Display last lines of the system log of the specified image + * - <lines> + - Number of lines to be displayed, default 10 When no options/parameters are used, the contents of the main syslog file are displayed. -.. hint:: Use ``show log | strip-private`` if you want to hide private data when sharing your logs. +.. hint:: Use ``show log | strip-private`` if you want to hide private data + when sharing your logs. |