NATS文档
  • 欢迎
  • 发行备注
    • 最新情况
      • NATS 2.2
      • NATS 2.0
  • NATS 概念
    • 概览
      • 比较 NATS
    • 什么是NATS
      • 演练安装
    • 基于主题的消息
    • 核心NATS
      • 发布和订阅
        • 发布/订阅演 练
      • 请求和响应
        • 请求/响应 演练
      • 队列组
        • 队列 演练
    • JetStream
      • 流
      • 消费者
        • 示例
      • JetStream 演练
      • 键值对存储
        • 键值对存储演练
      • 对象存储
        • 对象存储演练
    • 主题映射与分区
    • NATS服务器基础架构
      • NATS部署架构适配
    • 安全
    • 连接性
  • 使用 NATS
    • NATS工具
      • nats
        • nats基准测试
      • nk
      • nsc
        • 基础
        • 流
        • 服务
        • 签名密钥
        • 撤销
        • 管理操作
      • nats-top
        • 教程
    • 用NATS开发
      • 一个NATS应用的解剖
      • 连接
        • 连接到默认服务器
        • 连接到特定服务器
        • 连接到群集
        • 连接名称
        • 用用户名和密码做认证
        • 用令牌做认证
        • 用NKey做认证
        • 用一个可信文件做认证
        • 用TLS加密连接
        • 设置连接超时
        • 乒乓协议
        • 关闭响应消息
        • 杂技功能
        • 自动恢复
          • 禁用自动重连
          • 设置自动重新连接的最大次数
          • 随机
          • 重连尝试之间暂停
          • 关注重连事件
          • 重连尝试期间缓存消息
        • 监视连接
          • 关注连接事件
          • 低速消费者
      • 接收消息
        • 同步订阅
        • 异步订阅
        • 取消订阅
        • N个消息后取消订阅
        • 回复一个消息
        • 通配符订阅
        • 队列订阅
        • 断开连接前清除消息
        • 接收结构化数据
      • 发送消息
        • 包含一个回复主题
        • 请求回复语义
        • 缓存刷入和乒
        • 发送结构化数据
      • JetStream
        • 深入JetStream模型
        • 管理流和消费者
        • 消费者详情
        • 发布到流
        • 使用键值对存储
        • 使用对象存储
      • 教程
        • 用go做个自定义拨号器
  • 运行一个NATS服务
    • 安装、运行和部署NATS服务
      • 安装一个NATS服务
      • 运行和部署一个NATS服务
      • Windows服务
      • 信号
    • 环境约束
    • NATS和Docker
      • 教程
      • Docker Swarm
      • Python 和 NGS 运行在Docker
      • JetStream
    • NATS和Kubernetes
      • 用Helm 部署NATS
      • 创建一个Kubernetes群集
      • NATS群集和认证管理
      • 用cfssl保护NATS群集
      • 用负载均衡来保护外部的NATS访问
      • 在Digital Ocean用Helm创建超级NATS群集
      • 使用Helm从0到K8S再到叶子节点
    • NATS服务的客户端
    • 配置 NATS服务
      • 配置 JetStream
        • 配置管理 Management
          • NATS管理命令行
          • 地形
          • GitHub Actions
          • Kubernetes控制器
      • 群集
        • 群集配置
        • JetStream 群集
          • 管理
      • 网关超级群集
        • 配置
      • 叶子节点
        • 配置
        • JetStream在叶子节点
      • 安全加固NATS
        • 使用 TLS
        • 认证
          • 令牌
          • 用户名/密码
          • TLS认证
            • 群集中的TLS认证
          • NKeys
          • 认证超时
          • 去中心化的 JWT 认证/授权
            • 使用解析器查找帐户
            • 内存解析器教程
            • 混合认证/授权安装
        • 授权
        • 基于账户的多租户
        • OCSP Stapling
      • 日志
      • 使用监控
      • MQTT
        • 配置
      • 配置主题映射
      • 系统事件
        • 系统时间和去中心化的JWT教程
      • WebSocket
        • 配置
    • 管理和监控你的NATS服务基础架构
      • 监控
        • 监控 JetStream
      • 管理 JetStream
        • 账号信息
        • 命名流,消费者和账号
        • 流
        • 消费者
        • 数据复制
        • 灾难回复
        • 加密Rest
      • 管理JWT安全
        • 深入JWT指南
      • 升级一个群集
      • 慢消费者
      • 信号
      • 跛脚鸭模式
  • 参考
    • 常见问题
    • NATS协议
      • 协议演示
      • 客户端协议
        • 开发一个客户端
      • NATS群集协议
      • JetStream API参考
  • 遗产
    • STAN='NATS流'
      • STAN概念
        • 和NATS的关系
        • 客户端连接
        • 频道
          • 消息日志
          • 订阅
            • 通常的
            • 持久化的
            • 队列组
            • 重新投递
        • 存储接口
        • 存储加密
        • 群集
          • Supported Stores
          • Configuration
          • Auto Configuration
          • Containers
        • Fault Tolerance
          • Active Server
          • Standby Servers
          • Shared State
          • Failover
        • Partitioning
        • Monitoring
          • Endpoints
      • Developing With STAN
        • Connecting to NATS Streaming Server
        • Publishing to a Channel
        • Receiving Messages from a Channel
        • Durable Subscriptions
        • Queue Subscriptions
        • Acknowledgements
        • The Streaming Protocol
      • STAN NATS Streaming Server
        • Installing
        • Running
        • Configuring
          • Command Line Arguments
          • Configuration File
          • Store Limits
          • Persistence
            • File Store
            • SQL Store
          • Securing
        • Process Signaling
        • Windows Service
        • Embedding NATS Streaming Server
        • Docker Swarm
        • Kubernetes
          • NATS Streaming with Fault Tolerance.
    • nats账号服务
      • Basics
      • Inspecting JWTs
      • Directory Store
      • Update Notifications
由 GitBook 提供支持
在本页
  • Strings and Numbers
  • Variables
  • Include Directive
  • Configuration Properties
  • Connectivity
  • Clustering
  • Connection Timeouts
  • Limits
  • JetStream
  • Authentication and Authorization
  • Runtime Configuration
  • Monitoring and Tracing
  • Configuration Reloading
  1. 运行一个NATS服务

配置 NATS服务

While the NATS server has many flags that allow for simple testing of features, the NATS server products provide a flexible configuration format that combines the best of traditional formats and newer styles such as JSON and YAML.

The NATS configuration file supports the following syntax:

  • Lines can be commented with # and //

  • Values can be assigned to properties with:

    • Equals sign: foo = 2

    • Colon: foo: 2

    • Whitespace: foo 2

  • Arrays are enclosed in brackets: ["a", "b", "c"]

  • Maps are enclosed in braces: {foo: 2}

  • Maps can be assigned with no key separator

  • Semicolons can be used as terminators

The NATS configuration file is parsed with UTF-8 encoding.

Note

The NATS configuration in the file can also be rendered as a JSON object (with comments!), but to combine it with variables the variables still have to be unquoted.

Strings and Numbers

The configuration parser is very forgiving, as you have seen:

  • values can be a primitive, or a list, or a map

  • strings and numbers typically do the right thing

  • numbers support units such as, 1K for 1000, 1KB for 1024

String values that start with a digit can create issues. To force such values as strings, quote them.

BAD Config:

listen: 127.0.0.1:4222
authorization: {
    # BAD!
    token: 3secret
}

Fixed Config:

listen: 127.0.0.1:4222
authorization: {
    token: "3secret"
}

Variables

Server configurations can specify variables. Variables allow you to reference a value from one or more sections in the configuration

Variables:

  • Are block-scoped

  • Are referenced with a $ prefix. They have to be unquoted when being referenced, for example an assigment like foo = "$example" will result in foo being the literal string "$example".

  • Can be resolved from environment variables having the same name

If the environment variable value begins with a number you may have trouble resolving it depending on the server version you are running.

# Define a variable in the config
TOKEN: "secret"

# Reference the variable
authorization {
    token: $TOKEN
}

A similar configuration, but this time, the value is in the environment:

# TOKEN is defined in the environment
authorization {
    token: $TOKEN
}

export TOKEN="hello"; nats-server -c /config/file

Include Directive

The include directive allows you to split a server configuration into several files. This is useful for separating configuration into chunks that you can easily reuse between different servers.

Includes must use relative paths, and are relative to the main configuration (the one specified via the -c option):

server.conf:

listen: 127.0.0.1:4222
include ./auth.conf

Note that include is not followed by = or :, as it is a directive.

auth.conf:

authorization: {
    token: "f0oBar"
}
> nats-server -c server.conf

Configuration Properties

Connectivity

Property
Description
Default

host

Host for client connections.

0.0.0.0

port

Port for client connections.

4222

listen

Listen specification <host>:<port> for client connections. Either use this or the options host and/or port.

same as host, port

client_advertise

Advertise what host and port specify.

Configuration map for tls for client and http monitoring.

Clustering

Property
Description
Default

Connection Timeouts

Property
Description
Default

ping_interval

"2m"

ping_max

After how many unanswered pings the server will allow before closing the connection.

2

write_deadline

"10s"

Limits

Property
Description
Default

max_connections

Maximum number of active client connections.

64K

max_control_line

4KB

max_payload

1MB

max_pending

Maximum number of bytes buffered for a connection Applies to client connections. Note that applications can also set 'PendingLimits' (number of messages and total size) for their subscriptions.

64MB

max_subscriptions

Maximum numbers of subscriptions per client and leafnode accounts connection.

0, unlimited

JetStream

You can enable JetStream in the server's configuration by simply adding a jetstream {} map. By default, the JetStream subsystem will store data in the /tmp directory, but you can specify the directory to use via the store_dir, as well as the limits for JetStream storage (a value of 0 means no limit).

Property
Description
Default
Version

store_dir

Directory to use for JetStream storage.

/tmp/nats/jetstream

2.2+

max_memory_store

Maximum size of the 'memory' storage

75% of available memory

2.2+

max_file_store

Maximum size of the 'file' storage

Up to 1TB if available

2.2+

max_outstanding_catchup

Max in-flight bytes for stream catch-up

32MB

2.9+

Here's an example minimal file that will store data in a local "nats" directory with some limits.

$ nats-server -c js.conf

# js.conf
jetstream {
   store_dir=nats

   // 1GB
   max_memory_store: 1073741824

   // 10GB
   max_file_store: 10737418240
}

Normally JetStream will be run in clustered mode and will replicate data, so the best place to store JetStream data would be locally on a fast SSD. One should specifically avoid NAS or NFS storage for JetStream. Note that each JetStream enabled nats-server should use its own individual storage directory.

Authentication and Authorization

Centralized Authentication and Authorization

Property
Description

Configuration map for client authentication/authorization.

Configuration map for multi tenancy via accounts.

Decentralized Authentication and Authorization

Property
Description

Path to an operator JWT.

Runtime Configuration

Property
Description
Default

disable_sublist_cache

If true disable subscription caches for all accounts. This is saves resources in situations where different subjects are used all the time.

false, cache enabled

lame_duck_duration

"2m"

lame_duck_grace_period

This is the duration the server waits, after entering lame duck mode, before starting to close client connections

"10s"

Monitoring and Tracing

Property
Description
Default

server_name

The servers name, shows up in logging. Defaults to the server's id. When JetStream is used, withing a domain, all server names need to be unique.

Generated Server ID

server_tags

A set of tags describing properties of the server. This will be exposed through /varz and can be used for system resource requests, such as placement of streams. It is recommended to use key:value style notation.

[]

trace

If true enable protocol trace log messages. Excludes the system account.

false, disabled

trace_verbose

If true enable protocol trace log messages. Includes the system account.

false, disabled

debug

If true enable debug log messages

false, disabled

logtime

If set to false, log without timestamps

true, include timestamp

log_file

Log file name, relative to...

No log file

Size in bytes after the log file rolls over to a new one

0, unlimited

max_traced_msg_len

Set a limit to the trace of the payload of a message.

0, unlimited

syslog

Log to syslog.

false, disabled

remote_syslog

http port for server monitoring.

Listen specification <host>:<port>for server monitoring.

https port for server monitoring. This is influenced by the tls property.

base path for monitoring endpoints.

/

Listen specification <host>:<port>for TLS server monitoring.

system_account

pid_file

port_file_dir

Directory to write a file containing the servers open ports to, relative to ...

connect_error_reports

Number of attempts at which a repeated failed route, gateway or leaf node connection is reported. Connect attempts are made once every second.

3600, approx every hour

reconnect_error_reports

Number of failed attempt to reconnect a route, gateway or leaf node connection. Default is to report every attempt.

1, every failed attempt

Configuration Reloading

nats-server --signal reload
上一页NATS服务的客户端下一页配置 JetStream

最后更新于2年前

Alternative client listen specification <host>:<port> or just <host> to advertise to clients and other server. Useful in setups with NAT.

Configuration map for .

Configuration map for a .

Configuration map for .

Configuration map for .

Configuration map for .

Duration at which pings are sent to clients, leaf nodes and routes. In the presence of client traffic, such as messages or client side pings, the server will not send pings. Therefore it is recommended to keep this value bigger than what .

Maximum number of seconds the server will block when writing. Once this threshold is exceeded the connection will be closed. See on how to deal with this on the client.

Maximum length of a protocol line (including combined length of subject and queue group). Increasing this value may require to be used. Applies to all traffic.

Maximum number of bytes in a message payload. Reducing this size may force you to implement in your clients. Applies to client and leafnode payloads. It is not recommended to use values over 8MB but max_payload can be set up to 64MB. The max payload must be equal or smaller to the max_pending value.

present in the or an . A client connecting without any form of authentication will be associated with this user, its permissions and account.

The Configuration options here refer to based authentication and authorization.

The built-in NATS , for static or to use an external account server. (When the operator JWT contains an account URL, it will be used as default. In this case resolver is only needed to overwrite the default.)

for tls connections to the resolver. (This is for an outgoing connection and therefore does not use timeout, verify and map_and_verify)

to preload account public keys and their corresponding JWT. Keys consist of <account public nkey>, value is the <corresponding jwt>.

In lame duck mode the server rejects new clients and slowly closes client connections. After this duration is over the server shuts down. This value cannot be set lower than 30 seconds. Start lame duck mode with: .

address.

Name of the system account. Users of this account can subscribe to system events. See for more details.

File containing PID, relative to ... This can serve as input to

A server can reload most configuration changes without requiring a server restart or clients to disconnect by sending the nats-server a :

JWT
signal
cluster
tls
gateway
leafnode
leafnode
mqtt
mqtt
websocket
websocket
cluster
cluster
clients use
slow consumer
authorization
accounts
Username
authorization block
account
operator
resolver
tls configuration map
nats-server --signal ldm
http_port
http
https_port
http_base_path
https
nats-server --signal
resolver
MEMORY
URL(<url>)
resolver_tls
resolver_preload
Map
no_auth_user
gateway
client changes
chunking
log_size_limit
Syslog server
System Accounts