Skip to content

ConfigurationGuide

health: type: http port: 443 checkinterval: "10s" timeout: "2s" http: path: "/healthz" expectedstatus: 200 tls: true insecureSkipVerify: false

metrics: enablePrometheus: true listenAddr: "0.0.0.0" port: 9090 

Example: enable GitOps with signed commits
cluster: id: "prod-emea"

gitops: repoURL: "ssh://gitea@git.example.com/infra/gslb-config.git" branch: "main" pathPrefix: "clusters/prod-emea" pollInterval: "30s" requireSignature: true allowedSigners: ["ABCD1234...FPR"] auth: sshKeyPath: "/etc/gslb/gitops_deploy_key" 

Example: NATS state sync with quorum policy
cluster: id: "prod-global"

state: healthPolicy: "global-quorum" quorumMinPercent: 67 heartbeatInterval: "10s" heartbeatTTL: "30s" nats: servers: ["nats://n1.example.com:4222","nats://n2.example.com:4222","nats://n3.example.com:4222"] tls: caFile: "/etc/gslb/pki/ca.crt" certFile: "/etc/gslb/pki/client.crt" keyFile: "/etc/gslb/pki/client.key" jetStream: domain: "gslb" 

Troubleshooting tips
- If no A/AAAA answers are returned:
  - Ensure endpoints are valid IPs and reachable; check health checks (metrics `gslbd_health_*`).
  - If using `prefer-local`, local health must pass; otherwise global may be ignored.
- If GitOps changes are ignored:
  - Check logs for signature verification failures.
  - Verify `allowedSigners` includes the signer fingerprint.
- If NATS state sync seems inactive:
  - Check `gslbd_state_nats_connected` metric; verify servers list and TLS credentials.

Example: weighted round-robin with per-endpoint weights
cluster: id: "prod-emea" node: id: "edge-fra-02"

dns: listenAddr: "0.0.0.0" port: 5353 domain: "example.gslb"

loadbalancer: algorithm: "weighted-round-robin" # aliases: wrr, weighted_rr endpoints: - 203.0.113.10 - 203.0.113.11 - 2001:db8::10 weights: "203.0.113.10": 5 # higher share "203.0.113.11": 1 # lower share "2001:db8::10": 3 # IPv6 endpoint weighted too

health: type: http port: 443 checkinterval: "10s" timeout: "2s" http: path: "/healthz" expectedstatus: 200 tls: true insecureSkipVerify: false 

Notes on weights
- Weights apply only when `algorithm` is a weighted variant.
- Omitted endpoints default to weight `1`.
- A weight of `0` disables selection of that endpoint (useful for draining) while keeping it listed.

Enabling Configuration Sync (JetStream)
Pleiades can receive the full desired configuration for a cluster via NATS JetStream as YAML. This lets you propagate changes globally in near real-time.

Prerequisites
- NATS 2.x with JetStream enabled and reachable from your nodes.
- Appropriate client credentials and permissions for the stream/subjects and KV bucket.

Node configuration (enable config sync)
state: enableConfigSync: true nats: servers: ["nats://n1.example.com:4222"] jetStream: domain: "gslb" # optional config: mode: "jetstream" # only supported mode stream: "PLEIADES.cfg" subjectPrefix: "pleiades.cfg" kvBucket: "PLEIADES_CFG" applyTimeout: "5s" ```

How it works (v1) - Each cluster has a single YAML document that represents DNS records, services/endpoints/weights, health checks, and policies. - The daemon fetches a snapshot from the KV bucket and then watches the stream subject <subjectPrefix>.<cluster> for updates. - Current status: the NATS wiring and watcher are in place; staged apply of the YAML into runtime components is being implemented.

Tips - Keep your local file-based config minimal when config sync is enabled; the remote YAML will become the source of truth. - Use weighted-round-robin and weights in the YAML to control per-endpoint traffic share.