dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update information for daprsystem configuration 

Signed-off-by: ItalyPaleAle <43508+ItalyPaleAle@users.noreply.github.com>
This commit is contained in:
ItalyPaleAle 2023-02-25 15:45:42 -08:00
parent 74865bffaa
commit afa50e22e5
1 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
daprdocs/content/en/operations/configuration/configuration-overview.md
View File

@ -214,7 +214,7 @@ See the [preview features]({{< ref "preview-features.md" >}}) guide for informat
### Example sidecar configuration ### Example sidecar configuration
The following yaml shows an example configuration file that can be applied to an applications' Dapr sidecar. The following YAML shows an example configuration file that can be applied to an applications' Dapr sidecar.
```yml ```yml
apiVersion: dapr.io/v1alpha1 apiVersion: dapr.io/v1alpha1
@ -266,15 +266,21 @@ There is a single configuration file called `daprsystem` installed with the Dapr
### Control-plane configuration settings ### Control-plane configuration settings
A Dapr control plane configuration can configure the following settings: A Dapr control plane configuration contains the following sections:
- [`mtls`](#mtls-mutual-tls) for mTLS (Mutual TLS)
### mTLS (Mutual TLS)
The `mtls` section contains properties for mTLS.
| Property | Type | Description | | Property | Type | Description |
|------------------|--------|-------------| |------------------|--------|-------------|
| enabled | bool | Set mtls to be enabled or disabled | `enabled` | bool | If true, enables mTLS for communication between services and apps in the cluster.
| allowedClockSkew | string | The extra time to give for certificate expiry based on possible clock skew on a machine. Default is 15 minutes. | `allowedClockSkew` | string | Allowed tolerance when checking the expiration of TLS certificates, to allow for clock skew. Follows the format used by [Go's time.ParseDuration](https://pkg.go.dev/time#ParseDuration). Default is `15m` (15 minutes).
| workloadCertTTL | string | Time a certificate is valid for. Default is 24 hours | `workloadCertTTL` | string | How long a certificate TLS issued by Dapr is valid for. Follows the format used by [Go's time.ParseDuration](https://pkg.go.dev/time#ParseDuration). Default is `24h` (24 hours).
See the [Mutual TLS]({{< ref "mtls.md" >}}) HowTo and [security concepts]({{< ref "security-concept.md" >}}) for more information. See the [mTLS how-to]({{< ref "mtls.md" >}}) and [security concepts]({{< ref "security-concept.md" >}}) for more information.
### Example control plane configuration ### Example control plane configuration
@ -282,7 +288,7 @@ See the [Mutual TLS]({{< ref "mtls.md" >}}) HowTo and [security concepts]({{< re
apiVersion: dapr.io/v1alpha1 apiVersion: dapr.io/v1alpha1
kind: Configuration kind: Configuration
metadata: metadata:
name: default name: daprsystem
namespace: default namespace: default
spec: spec:
mtls: mtls: