Host Configuration
The following table contains a list of all options that can be used to configure the wasmCloud Host:
Flag | Environment Variable | Default | Description | Example |
---|---|---|---|---|
--log-level | WASMCLOUD_LOG_LEVEL | INFO | Controls the verbosity of logs from the wasmCloud host | --log-level DEBUG |
--nats-host | NATS_HOST | 127.0.0.1 | NATS server host to connect to | --nats-host my-nats-server |
--nats-port | NATS_PORT | 4222 | NATS server port to connect to | --nats-port 4223 |
--nats-jwt | NATS_JWT | N/A | A user JWT to use to authenticate to NATS. The given credential needs to have full access to all wasmbus.> topics as well as access to the configured --js-domain to create, manage, and access KV buckets used for lattice metadata and component config | --nats-jwt eyJ0eXAiOiJqd3Qi... |
--nats-seed | NATS_SEED | N/A | A seed nkey to use to authenticate to NATS. This seed should be the same one associated with the JWT. Please see the NATS Docs for more information | --nats-seed SUAAZU5G7UOUR7VX... |
-x , --lattice-prefix | WASMCLOUD_LATTICE_PREFIX | default | The lattice the host belongs to. If running with multiple lattices, each name MUST be unique | -x my-lattice |
--host-seed | WASMCLOUD_HOST_SEED | N/A | The seed key used by this host to generate its public key. In most cases you won't need to set this, but if needed a seed can be generated with wash keys gen server | --host-seed SNABP2H7DRKW3XRM... |
--cluster-seed | WASMCLOUD_CLUSTER_SEED | N/A | The seed key used by this host to sign all invocations. | --cluster-seed SCAICHCEWFXMDS6A... |
--cluster-issuers | WASMCLOUD_CLUSTER_ISSUERS | N/A | A comma-delimited list of public keys for signed invocations. | --cluster-issuers CCTUCYZYWQ...,CA2PCIP7QF... |
--provider-shutdown-delay | WASMCLOUD_PROV_SHUTDOWN_DELAY_MS | 300 | Delay in milliseconds between requesting a provider shutdown. If you are likely to be running many custom providers that require extensive clean up, this value can be increased to give them more time to shut down | --provider-shutdown-delay 500 |
--allow-latest | WASMCLOUD_OCI_ALLOW_LATEST | N/A | Determines whether OCI images tagged latest are allowed. By default, we do not allow this as it makes it very unclear if something has actually updated for an end user or operator | --allow-latest |
--allowed-insecure | WASMCLOUD_OCI_ALLOWED_INSECURE | N/A | Comma-separated list of allowed insecure OCI hosts. Otherwise, all OCI references given to this host will expect an https endpoint | --allowed-insecure registry1,registry2 |
--js-domain | WASMCLOUD_JS_DOMAIN | N/A | NATS Jetstream domain name. If set, all hosts in the lattice MUST be using the same domain name | --js-domain my-domain |
--config-service-enabled | WASMCLOUD_CONFIG_SERVICE | N/A | Denotes if a wasmCloud host should issue requests to a config service on startup. This config service can allow dynamic setting of things such as OCI credentials | --config-service-enabled |
--allow-file-load | WASMCLOUD_ALLOW_FILE_LOAD | N/A | Denotes if a wasmCloud host should allow starting components from the file system. This should only be used for development and not in production (as the existence of files on any given system cannot be guaranteed) | --allow-file-load |
--enable-structured-logging | WASMCLOUD_STRUCTURED_LOGGING_ENABLED | N/A | Enable JSON structured logging from the wasmCloud host | --enable-structured-logging |
-l , --label | WASMCLOUD_HOST_{label_name} (specified for each label) | N/A | A label=value to apply to the host. May be specified multiple times | -l cloud=aws -l region=us-west |
--policy-topic | WASMCLOUD_POLICY_TOPIC | N/A | Enables policy checks on start actions and component invocations at the given topic. This can be used with any sort of policy service. For more information see our Policy Service documentation | --policy-topic my.policy.topic |
--policy-changes-topic | WASMCLOUD_POLICY_CHANGES_TOPIC | N/A | Allows the host to subscribe to updates on past policy decisions. This is how a policy service can tell hosts to invalidate a cached decision. This requires --policy-topic to be test | --policy-changes-topic my.changes.topic |
--policy-timeout-ms | WASMCLOUD_POLICY_TIMEOUT | 1000 | Sets a custom timeout for requesting policy decisions. Requires --policy-topic to be set | --policy-timeout-ms 2000 |
--oci-registry | OCI_REGISTRY | N/A | Overrides credentials for a specific OCI registry. Used in tandem with --oci_user and --oci_password to override credentials for a specific OCI registry | --oci-registry my-registry |
--oci-user | OCI_REGISTRY_USER | N/A | Username for the OCI registry specified by --oci_registry | --oci-user my-username |
--oci-password | OCI_REGISTRY_PASSWORD | N/A | Password for the OCI registry specified by --oci_registry | --oci-password my-password |
--otel-traces-exporter | OTEL_TRACES_EXPORTER | N/A | Specifies which exporter to use for traces (Only "otlp" is currently supported) | --otel-traces-exporter otlp |
--otel-exporter-otlp-endpoint | OTEL_EXPORTER_OTLP_ENDPOINT | N/A | Specifies the endpoint to use for the OTLP exporter | --otel-exporter-otlp-endpoint http://my-custom-host:4318 |