The server's configuration is stored in the server's workspace folder, in
server_config.json. This file is created, at the first start of the server,
using the package's installed config/server_config.json as a template.
NOTICE!
session_config.jsonfile has been deprecated.
The worker_processes section of the config file controls how many processes
will be started on the server to process API requests.
Default value:
The server needs to be restarted if the value is changed in the config file.
The background_worker_processes section of the config file controls how many
processes will be started on the server to process background jobs.
Default value: Fallback to same amount as worker_processes.
The server needs to be restarted if the value is changed in the config file.
Unfortunately, servers don't always terminate gracefully (cue the aforementioned
SIGKILL, but also the container, VM, or the host machine could simply die
during execution, in ways the server is not able to handle). Because tasks are
not shared across server processes, and there are crucial bits of information in
the now dead process's memory which would have been needed to execute the task,
a server later restarting in place of a previously dead one should be able to
identify which tasks its "predecessor" left behind without clean-up.
This is achieved by storing the running computer's identifier, configurable via
CodeChecker server --machine-id, as an additional piece of information for
each task. By default, the machine ID is constructed from
gethostname():portnumber, e.g., cc-server:80.
In containerised environments, relying on gethostname() may not be entirely
stable! For example, Docker exposes the first 12 digits of the container's
unique hash as the "hostname" of the insides of the container. If the
container is started with --restart always or --restart unless-stopped, then
this is fine, however, more advanced systems, such as Docker swarm will
create a new container in case the old one died (!), resulting in a new
value of gethostname().
In such environments, service administrators must pay additional caution and
configure their instances by setting --machine-id for subsequent executions of
the "same" server accordingly. If a server with machine ID M starts up
(usually after a container or "system" restart), it will set every task not in
any "termination states" and associated with machine ID M to the
DROPPED status (with an appropriately formatted comment accompanying),
signifying that the previous instance "dropped" these tasks, but had no chance
of recording this fact.
The max_run_count section of the config file controls how many runs can be
stored on the server for a product.
If this field is not present in the config file or the value of this field is a negative value, run storage becomes unlimited.
This option can be changed and reloaded without server restart by using the
--reload option of CodeChecker server command.
The store section of the config file controls storage specific options for the
server and command line.
All sub-values of this option can be changed and reloaded without server restart
by using the --reload option of CodeChecker server command.
The analysis_statistics_dir option specifies a directory where analysis
statistics should be stored. If this option is specified in the config file the
client will send analysis related information to the server and the server will
store these information in this directory.
If this directory is not specified the server will not store any analysis
statistic information.
The limit section controls limitation of analysis statistics.
The failure_zip_size section of the limit controls the maximum size of
uploadable failure zips in bytes.
Default value: 52428800 bytes = 50 MB
The compilation_database_size section of the limit controls the maximum
size of uploadable compilation database file in bytes.
Default value: 104857600 bytes = 100 MB
Linux has built-in support for keepalive. When using a CodeChecker server
with Docker Swarm it is recommended to use the following settings:
{
"keepalive": {
"enabled": true,
"idle": 600,
"interval": 30,
"max_probe": 10
}
}Otherwise you may get a [Errno 104] Connection reset by peer exception on the
server side and the client may hang forever.
For more detailed information about these configuration option see: https://tldp.org/HOWTO/TCP-Keepalive-HOWTO/usingkeepalive.html
For more information about this problem can be found here: moby/moby#31208 (comment)
The interval between the last data packet sent (simple ACKs are not considered data) and the first keepalive probe.
By default the server will use the value from your host configured by the
net.ipv4.tcp_keepalive_time parameter. This value can be overriden by the
idle key in the server configuration file.
The interval between subsequential keepalive probes, regardless of what the connection has exchanged in the meantime.
By default the server will use the value from your host configured by the
net.ipv4.tcp_keepalive_intvl parameter. This value can be overriden by the
interval key in the server configuration file.
The number of unacknowledged probes to send before considering the connection dead and notifying the application layer.
By default the server will use the value from your host configured by the
net.ipv4.tcp_keepalive_probes parameter. This value can be overriden by the
max_probe key in the server configuration file.
For authentication configuration options and which options can be reloaded see the Authentication documentation.
Optionally, one can store sensitive data (e.g., passwords, secret tokens) outside
of server_config.json. To do this, create a separate server_secrets.json file
in the server's workspace folder. In server_config.json, replace sensitive data
with $SECRET:NAME_OF_SECRET$.
Then, secrets can be defined in server_secrets.json, as an example:
{
"NAME_OF_SECRET": "MySecurePassword123"
}Alternatively, one can also define entire sections as a secret, for instance:
{
"NAME_OF_SECRET": {
"enabled" : true,
"client_id" : "<ExampleClientID>",
"client_secret": "<ExampleClientSecret>"
}
}Alternatively, CodeChecker can also read sensitive data from environmental variables.
To do this, replace sensitive data in server_config.json with $ENV:VARIABLE_NAME$.
In this case, value will be read from environmental variable VARIABLE_NAME.