Configure Diagnostics Server Advanced Settings¶

This document provides instructions on how to configure advanced settings for the Privacera Diagnostics Server. These settings allow you to customize server behavior including metrics, database configuration, authentication, connection pooling, and various operational parameters to better suit your organization's needs.

Note

All configuration variables are optional and have default values.
Uncomment and set values only if you need to override the defaults.

To configure Diagnostics Server advanced settings, perform the following steps:

Copy vars.privacera-diagnostics.yml from sample-vars and open it to configure. If the file is already present, you can skip this step:

Bash
cd ~/privacera/privacera-manager
cp config/sample-vars/vars.privacera-diagnostics.yml config/custom-vars
vi config/custom-vars/vars.privacera-diagnostics.yml

Uncomment and update the following variables in vars.privacera-diagnostics.yml as needed:

Variable Name	Description	Default Value
DIAG_SERVER_METRICS_ENABLE	Enable diagnostics server metrics	false
DIAG_SERVER_DB_TYPE	Database type: 'sqlite' or 'mariadb'	sqlite
DIAG_SERVER_DB_HOST	MariaDB host (used when DIAG_SERVER_DB_TYPE=mariadb)	mariadb
DIAG_SERVER_DB_PORT	MariaDB port (used when DIAG_SERVER_DB_TYPE=mariadb)	3306
DIAG_SERVER_DB_USER	MariaDB user (used when DIAG_SERVER_DB_TYPE=mariadb)	DB_USER
DIAG_SERVER_DB_PASSWORD	MariaDB password (used when DIAG_SERVER_DB_TYPE=mariadb)	N/A (must be set in production)
DIAG_SERVER_DB_NAME	MariaDB database name (used when DIAG_SERVER_DB_TYPE=mariadb)	diag_server
DIAG_SERVER_DB_POOL_CAPACITY	Maximum number of database connections in the pool	10
DIAG_SERVER_DB_POOL_OVERFLOW	Maximum number of overflow connections	30
DIAG_SERVER_DB_POOL_TIMEOUT_SECS	Timeout in seconds for database connection pool operations	30
DIAG_SERVER_SOCKETIO_CORS_ALLOWED_ORIGINS	SocketIO CORS allowed origins	*
DIAG_SERVER_SOCKETIO_PING_TIMEOUT	SocketIO ping timeout	60
DIAG_SERVER_SOCKETIO_PING_INTERVAL	SocketIO ping interval	25
DIAG_SERVER_SOCKETIO_ASYNC_MODE	SocketIO async mode	asgi
DIAG_SERVER_SOCKETIO_LOG_LEVEL	SocketIO log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)	WARNING
DIAG_SERVER_SOCKETIO_ENGINEIO_LOG_LEVEL	SocketIO EngineIO log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)	WARNING
DIAG_SERVER_CORS_ORIGINS	CORS allowed origins	*
DIAG_SERVER_CORS_ALLOW_CREDENTIALS	Allow CORS credentials	false
DIAG_SERVER_CORS_ALLOW_METHODS	CORS allowed methods	*
DIAG_SERVER_CORS_ALLOW_HEADERS	CORS allowed headers	*
DIAG_SERVER_JWT_SECRET_KEY	JWT secret key	N/A (must be set in production)
DIAG_SERVER_JWT_ALGORITHM	JWT algorithm	HS256
DIAG_SERVER_SECURITY_EXPIRE_MINUTES	JWT expiration time in minutes	1440 (24 hours)
DIAG_SERVER_TOKEN_BLACKLIST_CLEANUP_ENABLED	Enable/disable token cleanup task	true
DIAG_SERVER_TOKEN_BLACKLIST_CLEANUP_INTERVAL_SECONDS	Cleanup interval in seconds (how often to remove expired tokens from database)	1800
DIAG_SERVER_DATA_PURGE_ENABLED	Enable/disable data purge background task	true
DIAG_SERVER_DATA_PURGE_RUN_TIME	Run time in 24-hour format (HH:MM)	00:00 (midnight)
DIAG_SERVER_DATA_PURGE_ERROR_LOGS_RETENTION_DAYS	Retention period for error_logs in days	7
DIAG_SERVER_DATA_PURGE_POD_TEST_RESULT_RETENTION_DAYS	Retention period for pod_test_result in days	30
DIAG_SERVER_DATA_PURGE_RETRY_INTERVAL_SECONDS	Retry interval in seconds when purge task encounters an error	3600 (1 hour)
DIAG_SERVER_HEARTBEAT_ACTIVE_THRESHOLD_SECONDS	Heartbeat active threshold in seconds	120
DIAG_SERVER_HEARTBEAT_DEGRADED_THRESHOLD_SECONDS	Heartbeat degraded threshold in seconds	600

Save and close the file.
Generate the Helm charts. This step prepares the necessary Kubernetes configurations for deploying the Privacera services:
Bash
1 2
cd ~/privacera/privacera-manager ./privacera-manager.sh setup
Apply the Helm charts. This will deploy the Privacera services to your Kubernetes cluster:
Bash
1 2
cd ~/privacera/privacera-manager ./pm_with_helm.sh upgrade

Prev Advanced Configuration