我的书签
添加书签
移除书签Configuration spec
The basic spec for a Dapr Configuration resource
The Configuration is a Dapr resource that is used to configure the Dapr sidecar, control plane, and others.
Sidecar format
apiVersion: dapr.io/v1alpha1kind: Configurationmetadata:name: <REPLACE-WITH-NAME>namespace: <REPLACE-WITH-NAMESPACE>spec:api:allowed:- name: <REPLACE-WITH-API>version: <VERSION>protocol: <HTTP-OR-GRPC>tracing:samplingRate: <REPLACE-WITH-INTEGER>stdout: trueotel:endpointAddress: <REPLACE-WITH-ENDPOINT-ADDRESS>isSecure: <TRUE-OR-FALSE>protocol: <HTTP-OR-GRPC>metrics:enabled: <TRUE-OR-FALSE>rules:- name: <METRIC-NAME>labels:- name: <LABEL-NAME>regex: {}http:increasedCardinality: <TRUE-OR-FALSE>httpPipeline: # for incoming http callshandlers:- name: <HANDLER-NAME>type: <HANDLER-TYPE>appHttpPipeline: # for outgoing http callshandlers:- name: <HANDLER-NAME>type: <HANDLER-TYPE>nameResolution:component: <NAME-OF-NAME-RESOLUTION-COMPONENT>version: <NAME-RESOLUTION-COMPONENT-VERSION>configuration:<NAME-RESOLUTION-COMPONENT-METADATA-CONFIGURATION>secrets:scopes:- storeName: <NAME-OF-SCOPED-STORE>defaultAccess: <ALLOW-OR-DENY>deniedSecrets: <REPLACE-WITH-DENIED-SECRET>components:deny:- <COMPONENT-TO-DENY>accessControl:defaultAction: <ALLOW-OR-DENY>trustDomain: <REPLACE-WITH-TRUST-DOMAIN>policies:- appId: <APP-NAME>defaultAction: <ALLOW-OR-DENY>trustDomain: <REPLACE-WITH-TRUST-DOMAIN>namespace: "default"operations:- name: <OPERATION-NAME>httpVerb: ['POST', 'GET']action: <ALLOW-OR-DENY>
Spec fields
| Field | Required | Details | Example |
|---|---|---|---|
| accessControl | N | Applied to Dapr sidecar for the called application. Enables the configuration of policies that restrict what operations calling applications can perform (via service invocation) on the called appliaction. | Learn more about the accessControl configuration. |
| api | N | Used to enable only the Dapr sidecar APIs used by the application. | Learn more about the api configuration. |
| httpPipeline | N | Configure API middleware pipelines | Middleware pipeline configuration overview Learn more about the httpPipeline configuration. |
| appHttpPipeline | N | Configure application middleware pipelines | Middleware pipeline configuration overview Learn more about the appHttpPipeline configuration. |
| components | N | Used to specify a denylist of component types that can’t be initialized. | Learn more about the components configuration. |
| features | N | Defines the preview features that are enabled/disabled. | Learn more about the features configuration. |
| logging | N | Configure how logging works in the Dapr runtime. | Learn more about the logging configuration. |
| metrics | N | Enable or disable metrics for an application. | Learn more about the metrics configuration. |
| nameResolution | N | Name resolution configuration spec for the service invocation building block. | Learn more about the nameResolution configuration per components. |
| secrets | N | Limit the secrets to which your Dapr application has access. | Learn more about the secrets configuration. |
| tracing | N | Turns on tracing for an application. | Learn more about the tracing configuration. |
Control plane format
The daprsystem configuration file installed with Dapr applies global settings and is only set up when Dapr is deployed to Kubernetes.
apiVersion: dapr.io/v1alpha1kind: Configurationmetadata:name: daprsystemnamespace: defaultspec:mtls:enabled: trueallowedClockSkew: 15mworkloadCertTTL: 24h
Spec fields
| Field | Required | Details | Example |
|---|---|---|---|
| mtls | N | Defines the mTLS configuration | allowedClockSkew: 15mworkloadCertTTL:24hLearn more about the mtls configuration. |
Related links
Last modified March 21, 2024: Merge pull request #4082 from newbe36524/v1.13 (f4b0938)
