close
keyboard_arrow_left
Table of Contents
- play_arrow Introduction
- play_arrow Prerequisites
- play_arrow Adopt the Edge
- play_arrow Deploy
- play_arrow Import a CPU and Memory probe in Juniper Apstra for Apstra Cloud Services
- play_arrow ACS Setup Validation Tool
- play_arrow Post-Setup
- play_arrow Replace the SSL Certificate of Juniper Apstra's Nginx Controller
list Table of Contents
Internal Variables for Juniper Apstra Cloud Services Edge Configuration
This topic lists additional Juniper Apstra Edge for Apstra Cloud Services environment
variables meant for intenal use for advanced users only. Aside from
REGISTRATION_KEY and CLOUD_TERM, these variables are not
required to set up the Apstra Edge instance. These variables should only be reconfigured in
specialized situations by expert users.
The following is an example docker-compose-extended.yml that lists the
Juniper Apstra Edge environment variables.
Note:
Aside from REGISTRATION_KEY and CLOUD_TERM, these
variables are meant for internal use only. We strongly recommend that you do not alter these
variables in production environments in most scenarios.
content_copy zoom_out_map
version: '3.0'
volumes:
apstra_edge_store:
services:
apstra-edge:
# Name of the edge container
container_name: apstra-edge
# The image to be used for the edge container
image: svl-artifactory.juniper.net/cdo-docker/aide-jcloud/aos-edge:latest
# The restart policy for the container
restart: always
# pull_policy is set to always to ensure that the latest image is always used
pull_policy: always
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "10"
# List of volumes to be mounted to the container
volumes:
# Allows the container to access the host's SSL certificates
- /etc/ssl/certs:/etc/ssl/certs
# Allows the container to access the host's /etc/hosts file
- /etc/hosts:/etc/hosts
# Allows apstra-edge to store auth data retrieved from the cloud during registration
# This volume is used to persist the data across container restarts
# User must backup this volume to avoid data loss
- apstra_edge_store:/var/lib/aos-edge
network_mode: "host"
environment:
# The registration key of the apstra-edge registered in the PAPI/UI
# mandatory
- REGISTRATION_KEY=<registration-key-from-papi>
# The hostname of the cloud endpoint, EPTerm
# mandatory
- CLOUD_TERM=<hostname-of-epterm>
# The log level for the edge
# optional, default is info
- LOG_LEVEL=debug
# ORG_ID is the organization ID of the cloud
# optional, Use when you want to override registration process
# not recommended in production
- ORG_ID=<org-id>
# SECRET is the secret of the apstra-edge registered in the PAPI/UI
# optional, use when you want to override registration process
# not recommended in production
- SECRET=<secret>
# DEVICE_ID is the device ID of the apstra-edge registered in the PAPI/UI
# optional, only required when you want to override registration process
# not recommended in production
- DEVICE_ID=<device-id>
# AOS_BLUEPRINT_QUERY_INTERVAL is the interval at which the edge queries the AOS server for Blueprints
# Default is 300 seconds
# optional, only required when you prefer not to use the default interval
- AOS_BLUEPRINT_QUERY_INTERVAL=<aos-blueprint-query-interval>
# AOS_PROBE_QUERY_INTERVAL is the interval at which the edge queries the AOS server for Probes
# Default is 290 seconds
# optional, only required when you prefer not to use the default interval
- AOS_PROBE_QUERY_INTERVAL=<aos-probe-query-interval>
# EDGE_SERVER_PORT is the port on which the edge local http server listens
# Default is 8081
# optional, only required when you prefer not to use the default port
- EDGE_SERVER_PORT=<edge-server-port>
# AOS_RECEIVER_IP is the IP of the AOS streaming config
# Default value is the IP address of the interface used to connect to the AOS server
# optional, only required when you want to override default value
# not recommended in production
- AOS_RECEIVER_IP=<aos-receiver-ip>
# AOS_RECEIVER_PORT is the port of the AOS streaming config
# optional, only required when you want to override default value, 9595
# not recommended in production
- AOS_RECEIVER_PORT=<aos-receiver-port>
# AOS_URL is the URL of the AOS server
# optional, only required when you want to override fetching from PAPI
# not recommended in production
# Acceptable formats:
# - AOS_URL=https://<hostname>:<port>
# - AOS_URL=https://<hostname>
- AOS_URL=<aos-url>
# AOS_USERNAME is the username of the AOS server
# optional, only required when you want to override fetching from PAPI
# not recommended in production
- AOS_USERNAME=<aos-username>
# AOS_PASSWORD is the password of the AOS server
# optional, only required when you want to override fetching from PAPI
# not recommended in production
- AOS_PASSWORD=<aos-password>
# CLOUD_CA_CERT_PATH is the path to the CA certificate of the cloud
# Path should a path in the mounted volume so aos-edge can access it
# optional, only required when you prefer not to fetch from host system
# not recommended in production
- CLOUD_CA_CERT_PATH=<cloud-ca-cert-path>
# AOS_CA_CERT_PATH is the path to the CA certificate of the AOS server
# Path should a path in the mounted volume so aos-edge can access it
# optional, only required when you prefer not to fetch from host system
# not recommended in production
- AOS_CA_CERT_PATH=<aos-ca-cert-path>
# AOS_INSECURE_SKIP_VERIFY is a flag to skip the verification of the AOS server's certificate
# optional, only required when you prefer not to verify the AOS server's certificate
# not recommended in production
- AOS_INSECURE_SKIP_VERIFY=<true/false>
# AUTH_STORE_DIR is the directory where the auth data is stored
# Path should a path in the mounted volume so aos-edge can access it
# Default is /var/lib/aos-edge
# optional, only required when you prefer not to use the default path
# not recommended in production
- AUTH_STORE_DIR=<auth-store-dir>
# AUTH_STORE_FILE_NAME is the name of the file where the auth data is stored
# Default is aos-edge-auth.json in the AUTH_STORE_DIR
# optional, only required when you prefer not to use the default file name
# not recommended in production
- AUTH_STORE_FILE_NAME=<auth-store-file-name>
# DISABLE_PUSH_MODE is a flag to disable the push mode
# optional, only required when you prefer to disable the push mode
# when set to true, the edge will not push Blueprints, Anomalies, Probes etc to the Cloud
# and will only receive/respond to the requests from the Cloud
- DISABLE_PUSH_MODE=<true/false>
# RemoteServer configuration
# Edge can be configured to forward request received from the Cloud to a remote server
# Each RemoteServer configuration require the following set of environment variables
# REMOTE_SERVER_URL_<index> is the URL of the remote server. The index starts from 1
# mandatory
- REMOTE_SERVER_URL_1=<remote-server-url>
# REMOTE_SERVER_USERNAME_<index> is the username of the remote server. The index starts from 1
# mandatory
- REMOTE_SERVER_USERNAME_1=<remote-server-username>
# REMOTE_SERVER_PASSWORD_<index> is the password of the remote server. The index starts from 1
# mandatory
- REMOTE_SERVER_PASSWORD_1=<remote-server-password>
# REMOTE_SERVER_NAME_<index> is the name of the remote server. The index starts from 1
# Optional, default is the hostname:port from the URL
- REMOTE_SERVER_NAME_1=<remote-server-name>
# REMOTE_SERVER_TYPE_<index> is the type of the remote server. The index starts from 1
# Optional
- REMOTE_SERVER_TYPE_1=<remote-server-type>
# AOS_RECEIVER_WATCH_INTERVAL is the interval at which the edge watches the AOS streaming config object
# optional, Default is 30 seconds
- AOS_RECEIVER_WATCH_INTERVAL=<aos-receiver-watch-interval>
# WEBSOCKET_RETRY_INTERVAL is the interval edge waits before retrying connect to the Cloud via websocket
# optional, Default is 5 seconds
- WEBSOCKET_RETRY_INTERVAL=<websocket-retry-interval>
# MAX_STREAM_MESSAGE_QUEUE_SIZE is the size of the message queue to receive messages from the AOS streaming object while forwarding to the Cloud
# optional, Default is 1024
- MAX_STREAM_MESSAGE_QUEUE_SIZE=<max-stream-message-queue-size>