Configuration Reference
Anka Build Cloud Configuration Reference
Controller Configuration Reference
Configuring your Anka Build Cloud Controller & Registry to enable features or customize URLs has several methods available.
Environment Variables
Depending on the package you’re using (native or docker), you can set ENV variables to modify the configuration of your controller and registry.
Our default docker package will use .env files to store the configuration ENVs. Both that and the below example are valid ways to configure the Anka Build Cloud.
docker-compose.yml (docker)
version: '2'
services:
anka-controller:
container_name: anka-controller
build:
context: controller
ports:
- "80:80"
# volumes:
# - /Users/myUserName:/mnt/cert
depends_on:
- etcd
- anka-registry
restart: always
environment:
ANKA_ANKA_REGISTRY: "http://anka.registry:8089"
# SSL + Cert Auth
# ANKA_USE_HTTPS: "true"
# ANKA_SERVER_CERT: "/mnt/cert/anka-controller-crt.pem"
# ANKA_SERVER_KEY: "/mnt/cert/anka-controller-key.pem"
# ANKA_SKIP_TLS_VERIFICATION: "true"
# ANKA_ENABLE_AUTH: "true"
# ANKA_ROOT_TOKEN: "1111111111"
# ANKA_CA_CERT: "/mnt/cert/anka-ca-crt.pem"
# ANKA_CLIENT_CERT="/mnt/cert/anka-controller-crt.pem"
# ANKA_CLIENT_CERT_KEY="/mnt/cert/anka-controller-key.pem"
anka-registry:
container_name: anka-registry
build:
context: registry
ports:
- "8089:8089"
restart: always
volumes:
- "/Library/Application Support/Veertu/Anka/registry:/mnt/vol"
# environment:
# SSL + Cert Auth
# ANKA_USE_HTTPS: "true"
# ANKA_SERVER_CERT: "/mnt/cert/anka-controller-crt.pem"
# ANKA_SERVER_KEY: "/mnt/cert/anka-controller-key.pem"
# ANKA_SKIP_TLS_VERIFICATION: "true"
# ANKA_ENABLE_REGISTRY_AUTHORIZATION: "true"
# ANKA_ENABLE_AUTH: "true"
# ANKA_CA_CERT: "/mnt/cert/anka-ca-crt.pem"
# ANKA_CLIENT_CERT="/mnt/cert/anka-controller-crt.pem"
# ANKA_CLIENT_CERT_KEY="/mnt/cert/anka-controller-key.pem"
etcd:
build:
context: etcd
volumes:
- /var/etcd-data:/etcd-data
environment:
ETCD_DATA_DIR: "/etcd-data"
ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379"
ETCD_LISTEN_PEER_URLS: "http://0.0.0.0:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS: "http://0.0.0.0:2380"
ETCD_INITIAL_CLUSTER: "my-etcd=http://0.0.0.0:2380"
ETCD_INITIAL_CLUSTER_TOKEN: "my-etcd-token"
ETCD_INITIAL_CLUSTER_STATE: "new"
ETCD_AUTO_COMPACTION_RETENTION: "1"
ETCD_NAME: "my-etcd"
restart: always
/usr/local/bin/anka-controllerd (native)
When editing the /usr/local/bin/anka-controllerd, be sure to use export when setting the ENV.
#!/bin/bash
export ANKA_STANDALONE="true"
export ANKA_LISTEN_ADDR=":80"
export ANKA_DATA_DIR="/Library/Application Support/Veertu/Anka/anka-controller"
export ANKA_ENABLE_CENTRAL_LOGGING="true"
export ANKA_LOG_DIR="/Library/Logs/Veertu/AnkaController"
export ANKA_RUN_REGISTRY="true"
export ANKA_REGISTRY_BASE_PATH="/Library/Application Support/Veertu/Anka/registry"
export ANKA_REGISTRY_LISTEN_ADDRESS="anka.registry:8089"
export ANKA_ANKA_REGISTRY="http://anka.registry:8089"
# SSL + Cert Auth
#export ANKA_ANKA_REGISTRY="https://anka.registry:8089"
#export ANKA_USE_HTTPS="true"
#export ANKA_SKIP_TLS_VERIFICATION="true"
#export ANKA_SERVER_CERT="/Users/MyUser/anka-controller-crt.pem"
#export ANKA_SERVER_KEY="/Users/MyUser/anka-controller-key.pem"
#export ANKA_ENABLE_AUTH="true"
#export ANKA_ENABLE_REGISTRY_AUTHORIZATION="true"
#export ANKA_CA_CERT="/Users/MyUser/anka-ca-crt.pem"
#export ANKA_CLIENT_CERT="/Users/MyUser/anka-controller-crt.pem"
#export ANKA_CLIENT_CERT_KEY="/Users/MyUser/anka-controller-key.pem"
#export ANKA_ROOT_TOKEN="1111111111"
/Library/Application\ Support/Veertu/Anka/bin/anka-controller
Controller Configuration ENVs
General & Commonly used
| ENV | Type | Description | Default Value |
|---|
| ANKA_ANKA_REGISTRY | (string) | Anka Registry address that will be used by Nodes to pull/download VM Templates and Tags (format: “http[s]://address:[port]”). | |
| ANKA_CLEAN_MAC_ADDRESS_INTERVAL | (duration) | Delay between cleaning mac addresses. | 1h0m0s |
| ANKA_DEFRAG_DB_INTERVAL | (duration) | The interval for defragging ETCD (0 is disable). | 3h0m0s |
| ANKA_ETCD_ENDPOINTS | (string) | Comma separated list of etcd addresses. These endpoints are used for the Application DB (instance, group, node information) and the Queue DB (if not defined separately with ANKA_QUEUE_ETCD_ENDPOINTS). | 127.0.0.1:2379 |
| ANKA_FILL_MAC_ADDRESS_RANGE_INTERVAL | (duration) | Interval to execute the mac address range validation. | 3h0m0s |
| ANKA_INSTANCE_TIME_OUT | (duration) | The time that instances stay in ‘Terminated’ state. | 1m0s |
| ANKA_LISTEN_ADDR | (string) | The address and/or port the controller will listen on (format: “[address]:port”). | :80 |
| ANKA_LOCAL_ANKA_REGISTRY | (string) | This parameter is for situations where the Controller and Registry are on the same network and you want to use localhost/local DNS for communication between them (format: “http[s]://address:[port]”). | |
| ANKA_MAC_ADDR_RANGE | (string) | Pass the range of mac addresses to use. manage-mac-addresses must be set to true to use this option. format is - (example: 00:00:00:00:00:00-FF:FF:FF:FF:FF:FF). | |
| ANKA_MAC_ADDR_RANGE_MAX_RETRIES | (int) | Times to retry to get mac address from the database before giving up and returning an error. | 100 |
| ANKA_MANAGE_MAC_ADDRESSES | (boolean) | Enables the controller to manage mac addresses of VMs. Check our docs for more info and caveats. | false |
| ANKA_NUM_WORKERS | (int) | The number of concurrent workers processing node tasks. | 2 |
| ANKA_PUSH_REGISTRY | (string) | Comma separated list of Registry addresses to use for push operations (saveImage/Jenkins cache building). | |
| ANKA_QUEUE_ETCD_ENDPOINTS | (string) | Comma seperated list of ETCD endpoints to use for queue data (only available in standalone mode). | |
| ANKA_STANDALONE | (boolean) | Run controller service, the built in registry, and etcd database together. Setting this to true runs only the controller service. | false |
Logging
| ENV | Type | Description | Default Value |
|---|
| ANKA_CMD_LOG_MAX_DAYS | (int) | Number of days to keep cmd logs (0 will use the value in log-max-days). | 7 |
| ANKA_CMD_LOG_MAX_MB | (int) | MB limit for cmd log files (0 will use the value in log-max-mb). | 1024 |
| ANKA_ENABLE_CENTRAL_LOGGING | (boolean) | Enables central logging. This will forward all docs from the controller and nodes into the registry’s data directory using the REST API of the Registry. | false |
| ANKA_ENABLE_EVENT_LOGGING | (boolean) | (Enterprise Plus Only) Enables event logging. They will show under the Controller’s Logs section after the first instance is created. | false |
| ANKA_ERROR_LOG_MAX_DAYS | (int) | Number of days to keep error logs (0 will use the value in log-max-days). | 3 |
| ANKA_ERROR_LOG_MAX_MB | (int) | MB limit for error log files (0 will use the value in log-max-mb). | 200 |
| ANKA_EVENT_LOG_URL | (string) | (Enterprise Plus Only) The url to post events to in json format. | |
| ANKA_INFO_LOG_MAX_DAYS | (int) | Number of days to keep info logs (0 will use the value in log-max-days). | 0 |
| ANKA_INFO_LOG_MAX_MB | (int) | MB limit for info log files (0 will use the value in log-max-mb). | 0 |
| ANKA_LOG_MAX_DAYS | (int) | Number of days to keep logs for all log types unless otherwise defined. | 7 |
| ANKA_LOG_MAX_MB | (int) | MB limit for log files, for all log types unless otherwise defined. | 700 |
HTTPS / TLS
| ENV | Type | Description | Default Value |
|---|
| ANKA_CIPHER_SUITES | (string) | A list of cipher suites to use for HTTPS/TLS. Supported Options: tls_rsa_with_aes_128_cbc_sha, tls_rsa_with_aes_256_cbc_sha, tls_rsa_with_aes_128_gcm_sha256, tls_rsa_with_aes_256_gcm_sha384, tls_aes_128_gcm_sha256, tls_aes_256_gcm_sha384, tls_chacha20_poly1305_sha256, tls_ecdhe_ecdsa_with_aes_128_cbc_sha, tls_ecdhe_ecdsa_with_aes_256_cbc_sha, tls_ecdhe_rsa_with_aes_128_cbc_sha, tls_ecdhe_rsa_with_aes_256_cbc_sha, tls_ecdhe_ecdsa_with_aes_128_gcm_sha256, tls_ecdhe_ecdsa_with_aes_256_gcm_sha384, tls_ecdhe_rsa_with_aes_128_gcm_sha256, tls_ecdhe_rsa_with_aes_256_gcm_sha384, tls_ecdhe_rsa_with_chacha20_poly1305_sha256, tls_ecdhe_ecdsa_with_chacha20_poly1305_sha256 | |
| ANKA_MAX_TLS_VERSION | (string) | The max tls version to use with HTTPS/TLS. Supported Options: tls_1.0, tls_1.1, tls_1.2, tls_1.3 | |
| ANKA_MIN_TLS_VERSION | (string) | The min tls version to use with HTTPS/TLS. Supported Options: tls_1.0, tls_1.1, tls_1.2, tls_1.3 | |
| ANKA_SERVER_CERT | (string) | HTTPS/TLS certificate file in PEM format. | |
| ANKA_SERVER_KEY | (string) | HTTPS/TLS certificate private key file in PEM format. | |
| ANKA_SKIP_TLS_VERIFICATION | (boolean) | Don’t verify the HTTPS/TLS certificates (for self-signed certs). | false |
| ANKA_USE_HTTPS | (boolean) | Enable HTTPS/TLS protocol for the controller UI and API (requires server-cert & server-key). | false |
Built in Registry
| ENV | Type | Description | Default Value |
|---|
| ANKA_ENABLE_CONTROLLER_AUTHORIZATION | (boolean) | Enable Authorization for the Controller. | false |
| ANKA_ENABLE_REGISTRY_AUTHORIZATION | (boolean) | Enable Authorization for the built in Registry. | false |
| ANKA_REGISTRY_ACCESS_LOGS | (boolean) | Enables registry access logs. | false |
| ANKA_REGISTRY_BASE_PATH | (string) | Built-in Registry’s data storage path. | |
| ANKA_REGISTRY_LISTEN_ADDRESS | (string) | Address for built in Registry to listen on. | :8089 |
| ANKA_RUN_REGISTRY | (boolean) | Run Built-in Registry (useful if not using standalone mode, but you still want the controller and registry to run together; no etcd). | false |
Built in ETCD
| ENV | Type | Description | Default Value |
|---|
| ANKA_ADVERTISE_CLIENT_URLS | (string) | Comma separated list of client urls for ETCD to advertise (only available in standalone mode) | http://127.0.0.1:2379 |
| ANKA_AUTO_COMPACTION_MODE | (string) | The ETCD auto compaction mode, (‘periodic’ or ‘revision’) (only available in standalone mode) | periodic |
| ANKA_AUTO_COMPACTION_RETENTION | (string) | The ETCD auto compaction retention length (0 is disabled) (only available in standalone mode) | 30m |
| ANKA_DATA_DIR | (string) | The ETCD data directory location (only available in standalone mode) | /tmp/etcd-data |
| ANKA_INITIAL_ADVERTISE_PEER_URLS | (string) | Comma separated list of peer urls for ETCD to advertise (only available in standalone mode) | http://0.0.0.0:2380 |
| ANKA_INITIAL_CLUSTER | (string) | The initial ETCD cluster configuration for bootstrapping (only available in standalone mode) | anka-etcd=http://0.0.0.0:2380 |
| ANKA_INITIAL_CLUSTER_STATE | (string) | The initial cluster state for ETCD (’new’ or ’existing’) (only available in standalone mode) | new |
| ANKA_INITIAL_CLUSTER_TOKEN | (string) | The cluster token used in ETCD during bootstrap (only available in standalone mode) | etcd-server |
| ANKA_LISTEN_CLIENT_URLS | (string) | Comma separated list client urls for ETCD to use (only available in standalone mode) | http://127.0.0.1:2379 |
| ANKA_LISTEN_PEER_URLS | (string) | Comma separated list of peer urls for ETCD to use (only available in standalone mode) | http://0.0.0.0:2380 |
| ANKA_NAME | (string) | The name for your ETCD server (only available in standalone mode) | anka-etcd |
Authentication and Authorization
| ENV | Type | Description | Default Value |
|---|
| ANKA_API_KEY_FILE | (string) | API Key client file used for authentiation. Takes precedence over api-key-string | |
| ANKA_API_KEY_ID | (string) | API Key client id used for authentiation | |
| ANKA_API_KEY_STRING | (string) | API Key client string used for authentiation | |
| ANKA_API_KEYS_CLEANING_INTERVAL | (duration) | Interval for cleaning of expired api keys | 4h0m0s |
| ANKA_API_KEYS_SESSION_TTL | (duration) | API Keys session time before expiration | 5m0s |
| ANKA_CA_CERT | (string) | (Certificate Authentication) The CA/root cert used to authenticate incoming requests/certs | |
| ANKA_CLIENT_CERT | (string) | (Certificate Authentication) The Controller will use this when making http requests, mainly to the Registry | |
| ANKA_CLIENT_CERT_KEY | (string) | (Certificate Authentication) The Controller will use this when making http requests, mainly to the Registry | |
| ANKA_CLIENT_KEYPASS | (string) | (Certificate Authentication) Password for certificate and keystore (optional) | |
| ANKA_CLIENT_KEYSTORE | (string) | (Certificate Authentication) A client keystore file in pkcs12 format; The Controller will use this when making http requests, mainly to the Registry | |
| ANKA_ENABLE_API_KEYS | (boolean) | Enable API Key Authentication | false |
| ANKA_ENABLE_AUTH | (boolean) | Enable Authentication (Root Token, Certificate, SSO/OpenID or API Keys) | false |
| ANKA_ETCD_CA_CERT | (string) | (Etcd Certificate Authentication) The Etcd client will use this when connecting to the cluster | |
| ANKA_ETCD_CERT | (string) | (Etcd Certificate Authentication) The Etcd client will use this when connecting to the cluster | |
| ANKA_ETCD_CERT_KEY | (string) | (Etcd Certificate Authentication)The Etcd client will use this when connecting to the cluster | |
| ANKA_ETCD_PASSWORD | (string) | (Etcd Certificate Authentication) Etcd Password to use for login | |
| ANKA_ETCD_USERNAME | (string) | (Etcd Certificate Authentication) Etcd Username to use for login | |
| ANKA_OIDC_CLIENT_ID | (string) | (OpenID/SSO) Client id | |
| ANKA_OIDC_DISPLAY_NAME | (string) | (OpenID/SSO) Name to display on login page | |
| ANKA_OIDC_GROUPS_CLAIM | (string) | (OpenID/SSO) Claim key to use for groups, defaults to groups | groups |
| ANKA_OIDC_PROVIDER_URL | (string) | (OpenID/SSO) Provider url | |
| ANKA_OIDC_USERNAME_CLAIM | (string) | (OpenID/SSO) Claim key to use for user name, defaults to name | |
| ANKA_ROOT_CERT | (string) | (Certificate Authentication) Alias of ca-cert | |
| ANKA_ROOT_TOKEN | (string) | Sets the root token that will be used for accessing the Controller UI | |
| ANKA_SKIP_ETCD_TLS_VERIFICATION | (boolean) | (Etcd Certificate Authentication) Don’t verify Etcd TLS certificates (for self signed certificates) | false |
| ANKA_USE_ETCD_LOGIN | (boolean) | (Etcd Certificate Authentication) Enable Etcd client login with username and password | false |
| ANKA_USE_ETCD_TLS | (boolean) | (Etcd Certificate Authentication) Use TLS certificaates for authentication with etcd cluster | false |
Separate Queue Interface
This is an advanced feature, it allows you to have a second http interface that will be used only by the cluster’s Nodes
| ENV | Type | Description | Default Value |
|---|
| ANKA_CLEAN_QUEUES_INTERVAL | (duration) | The interval to clean the queues (delete any tasks older than 24 hours), 0 to disable | 1h0m0s |
| ANKA_ENABLE_QUEUE_AUTH | (boolean) | Enable queue Authentication | false |
| ANKA_QUEUE_ADDR | (string) | The address to use for the queue (format: “http[s]://address:[port]”) | |
| ANKA_QUEUE_CA_CERT | (string) | The HTTPS/TLS CA cert for the queue | |
| ANKA_QUEUE_SERVER_CERT | (string) | The HTTPS/TLS certificate file in PEM format for the queue | |
| ANKA_QUEUE_SERVER_KEY | (string) | The HTTPS/TLS private key in PEM format for the queue | |
| ANKA_USE_QUEUE_TLS | (boolean) | Enable queue HTTPS/TLS | false |
| ENV | Type | Description | Default Value |
|---|
| ANKA_BATCH_TASK_COUNT | (int) | The number of tasks to get from the queue in one request (max 40) | 2 |
| ANKA_ETCD_REQUEST_TIMEOUT | (duration) | Client side timeout for ETCD requests | 20s |
| ANKA_INSTANCE_ACTIVE_TIMEOUT | (duration) | How long before an instance is declared as ’not communicating' | 2m0s |
| ANKA_NODE_ACTIVE_TIMEOUT | (duration) | How long before a node is declared as ‘offline’ | 2m0s |
| ANKA_SCHEDULER_INTERVAL | (duration) | The interval for checking scheduled tasks | 30m0s |
Internal
These are used internally. It’s recommended that you don’t modify them unless absolutely necessary
| ENV | Type | Description | Default Value |
|---|
| ANKA_ALLOW_CORS | (boolean) | Add Access-Control-Allow-Origin to all routes | false |
| ANKA_NO_NODE_UPGRADES | (boolean) | Set this flag to true to turn off automatic node upgrade | false |
| ANKA_VRAMTHRESHOLD | (float) | The minimum RAM percentage threshold to use for the UI graph | 0 |
Other
| ENV | Type | Description | Default Value |
|---|
| ANKA_ALLOW_EMPTY_REGISTRY | (boolean) | Allow controller to start without an external registry address (not recommended) | false |
Registry Configuration ENVs
General
| ENV | Type | Description | Default Value |
|---|
| ANKA_INTERNAL_LISTEN_ADDR | (string) | The local address and/or port the registry will listen on (format: “[address]:port”) | |
| ANKA_LISTEN_ADDR | (string) | The address and/or port the registry will listen on (format: “[address]:port”) | |
Logging
| ENV | Type | Description | Default Value |
|---|
| ANKA_ACCESS_LOGS | (boolean) | Enables registry access logs | false |
| ANKA_CMD_LOG_MAX_DAYS | (int) | Number of days to keep cmd logs (0 will use the value in log-max-days) | 7 |
| ANKA_CMD_LOG_MAX_MB | (int) | MB limit for cmd log files (0 will use the value in log-max-mb) | 1024 |
| ANKA_ENABLE_CENTRAL_LOGGING | (boolean) | Enables central logging | false |
| ANKA_ERROR_LOG_MAX_DAYS | (int) | Number of days to keep error logs (0 will use the value in log-max-days) | 3 |
| ANKA_ERROR_LOG_MAX_MB | (int) | MB limit for error log files (0 will use the value in log-max-mb) | 200 |
| ANKA_FILES_DIR | (string) | Dir to store files | /files |
| ANKA_INFO_LOG_MAX_DAYS | (int) | Number of days to keep info logs (0 will use the value in log-max-days) | 0 |
| ANKA_INFO_LOG_MAX_MB | (int) | MB limit for info log files (0 will use the value in log-max-mb) | 0 |
| ANKA_KEEP_LOGS_FOR | (int) | The number of days to keep logs | 7 |
| ANKA_LOG_MAX_DAYS | (int) | Number of days to keep logs for all log types unless otherwise defined | 7 |
| ANKA_LOG_MAX_MB | (int) | MB limit for log files, for all log types unless otherwise defined | 700 |
| ANKA_LOG_SERVER_BACKEND_TYPE | (string) | The log server backend type, either ‘disk’ or ‘azure’ | disk |
| ANKA_LOG_SERVER_ADDR | (string) | The address and/or port the registry will send logs to | |
| ANKA_LOGS_DIR | (string) | Dir to store central log files | /central-logs |
| ANKA_MAX_LOG_SIZE | (int) | The maximum size for a log file in MB | 1024 |
| ANKA_ROTATE_LOG_FILES_AT_MAX_FILE_SIZE | (boolean) | Rotate log files when they reach the size specified in max-log-size | true |
| ANKA_ROTATE_LOG_FILES_END_OF_DAY | (boolean) | Rotate log files at the end of each day | false |
HTTPS / TLS
| ENV | Type | Description | Default Value |
|---|
| ANKA_CIPHER_SUITES | (string) | A list of cipher suites to use for HTTPS/TLS. Supported Options: tls_rsa_with_aes_128_cbc_sha, tls_rsa_with_aes_256_cbc_sha, tls_rsa_with_aes_128_gcm_sha256, tls_rsa_with_aes_256_gcm_sha384, tls_aes_128_gcm_sha256, tls_aes_256_gcm_sha384, tls_chacha20_poly1305_sha256, tls_ecdhe_ecdsa_with_aes_128_cbc_sha, tls_ecdhe_ecdsa_with_aes_256_cbc_sha, tls_ecdhe_rsa_with_aes_128_cbc_sha, tls_ecdhe_rsa_with_aes_256_cbc_sha, tls_ecdhe_ecdsa_with_aes_128_gcm_sha256, tls_ecdhe_ecdsa_with_aes_256_gcm_sha384, tls_ecdhe_rsa_with_aes_128_gcm_sha256, tls_ecdhe_rsa_with_aes_256_gcm_sha384, tls_ecdhe_rsa_with_chacha20_poly1305_sha256, tls_ecdhe_ecdsa_with_chacha20_poly1305_sha256 | |
| ANKA_MAX_TLS_VERSION | (string) | The max tls version to use with HTTPS/TLS. Supported Options: tls_1.0, tls_1.1, tls_1.2, tls_1.3 | |
| ANKA_MIN_TLS_VERSION | (string) | The min tls version to use with HTTPS/TLS. Supported Options: tls_1.0, tls_1.1, tls_1.2, tls_1.3 | |
| ANKA_SERVER_CERT | (string) | HTTPS/TLS certificate file in PEM format | |
| ANKA_SERVER_KEY | (string) | HTTPS/TLS certificate private key file in PEM format | |
| ANKA_SKIP_TLS_VERIFICATION | (boolean) | Don’t verify the HTTPS/TLS certificates (for self-signed certs) | false |
| ANKA_USE_HTTPS | (boolean) | Enable HTTPS/TLS protocol for the controller UI and API (requires server-cert & server-key) | false |
| ANKA_USE_HTTPS_INTERNAL | (boolean) | Use https protocol for the internal_listen_addr address/port | false |
Authentication / Authorization
| ENV | Type | Description | Default Value |
|---|
| ANKA_ALSOLOGTOSTDERR | | log to standard error as well as files | true |
| ANKA_API_KEYS_CLEANING_INTERVAL | (duration) | Interval for cleaning of expired api keys | 4h0m0s |
| ANKA_API_KEYS_SESSION_TTL | (duration) | API Keys session time before expiration | 5m0s |
| ANKA_BACKEND_PLUGIN_PATH | (string) | The path to a backend plugin (instead of using disk) | |
| ANKA_CA_CERT | (string) | (Certificate Authentication) The CA/root cert used to authenticate incoming requests/certs | |
| ANKA_ENABLE_API_KEYS | (boolean) | Enable API Key Authentication | false |
| ANKA_ENABLE_AUTH | (boolean) | Enable Authentication (Root Token, Certificate, SSO/OpenID or API Keys) | false |
| ANKA_ENABLE_AUTHORIZATION | (boolean) | Enable Authorization for the registry | false |
| ANKA_OIDC_CLIENT_ID | (string) | (OpenID/SSO) Client id | |
| ANKA_OIDC_GROUPS_CLAIM | (string) | (OpenID/SSO) Claim key to use for groups, defaults to groups | groups |
| ANKA_OIDC_PROVIDER_URL | (string) | (OpenID/SSO) Provider url | |
| ANKA_OIDC_USERNAME_CLAIM | (string) | (OpenID/SSO) Claim key to use for user name, defaults to name | |
| ANKA_ROOT_TOKEN | (string) | Sets the root token that will be used for accessing the Controller UI | |
| ANKA_USE_BACKEND_PLUGIN | (boolean) | Turns on usage of backend plugin provided by backend-plugin-path | false |