Rack Parameters

A Rack parameter is a CloudFormation parameter on the Rack's stack that controls how the underlying AWS infrastructure, networking, scaling, and security are configured. You set Rack parameters with convox rack params set, which applies them by updating the Rack's CloudFormation stack. The update runs asynchronously, so the command returns once the stack update has been requested while the change is still rolling out.

Setting Parameters

Parameters can be set using the following command:

$ convox rack params set Foo=bar

You can also set multiple parameters at once:

$ convox rack params set Foo=bar Baz=qux

Parameters

Parameter Default Description
Ami "" Custom Amazon Machine Image for Rack instances
ApiCount 2 Number of Rack API containers to run
ApiCpu 128 CPU units reserved by the API web process
ApiMonitorMemory 128 Memory (MB) reserved by the API monitor process
ApiRouter ELB Legacy load balancer type label for the Rack API
ApiWebMemory 256 Memory (MB) reserved by the API web process
Autoscale Yes Enable or disable Rack instance autoscaling
AutoscaleExtra 1 Extra capacity instances maintained by autoscale
AvailabilityZones "" Override the default Availability Zones
BuildCache No Enable persistent build layer caching to a dedicated ECR repository
BuildCacheCleanup No Automatically expire old build cache images
BuildCacheRetentionDays 30 Days to retain build cache images before expiry
BuildCpu 256 CPU units allocated to builds
BuildImage "" Override the default builder image
BuildInstance t3.small EC2 instance type for the dedicated build instance
BuildInstancePolicy "" Additional IAM policy ARN for build instances
BuildInstanceSecurityGroup "" Security group for build instances
BuildMemory 1000 Memory (MB) allocated to builds
BuildMethod ec2 Build process type (EC2 or Fargate)
BuildVolumeSize 100 Build disk size in GB
ContainerInsights No Enable CloudWatch Container Insights on the ECS cluster
CpuCredits "" CPU credit option for T instances
DefaultAmi .../amazon-linux-2/recommended/image_id Default AMI for x86_64 instances
DefaultAmiArm .../amazon-linux-2/arm64/recommended/image_id Default AMI for ARM64 instances
DisableALBPort80 No Disable port 80 on the ALB
DynamoDbTableDeletionProtectionEnabled false Enable DynamoDB table deletion protection
DynamoDbTablePointInTimeRecoveryEnabled false Enable DynamoDB point-in-time recovery
EcsContainerStopTimeout "" Custom ECS container stop timeout in seconds
ECSExec No Enable ECS Exec for interactive container access via SSM
EcsPollInterval 1 ECS service update poll interval in seconds
EnableContainerReadonlyRootFilesystem No Enable read-only root filesystem for containers
EnableS3Versioning Suspended Enable S3 bucket versioning for Rack buckets
EnableSharedEFSVolumeEncryption false Enable KMS encryption on the shared EFS volume
EncryptEbs No Encrypt EBS volumes at rest
Encryption Yes Encrypt secrets with KMS
ExistingVpc "" Use an existing VPC by ID
FargateBuildCpu "" CPU for Fargate builds
FargateBuildMemory "" Memory for Fargate builds
HighAvailability true Enable High Availability mode (immutable after creation)
HttpProxy "" HTTP proxy for outbound connections
ImagePullBehavior default Docker image pull behavior
IMDSHttpPutResponseHopLimit 1 IMDS HTTP PUT response hop limit
IMDSHttpTokens optional Require IMDSv2 tokens
InstanceBootCommand "" Cloud-init boot command for instances
InstanceCount 3 Number of EC2 instances (HA mode)
InstancePolicy "" Additional IAM policy ARN for cluster instances
InstanceRunCommand "" Cloud-init run command for instances
InstanceSecurityGroup "" Security group for ECS instances
InstancesIpToIncludInWhiteListing Both Auto-whitelist instance IPs
InstanceType t3.small EC2 instance type for the Rack cluster
InstanceUpdateBatchSize 1 Instances to update per batch during rolling updates
Internal No Enable the internal load balancer
InternalOnly No Only support internal applications
InternalRouterSuffix -rti Suffix for internal router domain
InternetGateway "" Internet Gateway ID for an existing VPC
Key "" SSH key name for cluster access
LoadBalancerIdleTimeout 3600 ALB idle timeout in seconds
LogBucket "" S3 bucket for load balancer and Rack logs
LogDriver CloudWatch Log driver for Rack and services
LogRetention 7 Days to retain logs
MaintainTimerState No Maintain timer enable/disable state across deploys
MaxAvailabilityZones 3 Maximum Availability Zones to use
NLB No Enable a public Network Load Balancer for TCP services
NLBAllowCIDR 0.0.0.0/0 CIDR allowlist for public NLB listeners (max 5 entries)
NLBCrossZone No Enable cross-zone load balancing on the public NLB
NLBDeletionProtection No Block accidental deletion of the public NLB
NLBInternal No Enable an internal Network Load Balancer for TCP services
NLBInternalAllowCIDR "" CIDR allowlist for internal NLB listeners (empty = VPC CIDR, max 5)
NLBInternalCrossZone No Enable cross-zone load balancing on the internal NLB
NLBInternalDeletionProtection No Block accidental deletion of the internal NLB
NLBInternalPreserveClientIP No Forward real client IP to internal NLB target tasks
NLBPreserveClientIP No Forward real client IP to public NLB target tasks
NoHAAutoscaleExtra 0 Extra autoscale capacity for non-HA Racks
NoHaInstanceCount 1 Number of instances for non-HA Racks
OnDemandMinCount 3 Minimum on-demand instances when using spot
Password (required) API HTTP password
PlaceLambdaInVpc No Place Convox Lambda functions inside the VPC
Private No Create resources in private subnets
PrivateApi No Place the Rack API load balancer in a private network
PrivateApiSecurityGroup "" Security group for private API access
PrivateBuild No Place build instances in a private network
PruneOlderImagesCronRunFreq daily Cron frequency for Docker image pruning
PruneOlderImagesInHour 96 Prune Docker images older than this many hours
RouterInternalSecurityGroup "" Security groups for the internal router
RouterMitigationMode defensive Load balancer desync mitigation mode
RouterSecurityGroup "" Custom security group for the Rack router
ScheduleRackScaleDown "" Cron schedule to scale down the Rack
ScheduleRackScaleUp "" Cron schedule to scale up the Rack
SecretsManagerEnv No Inject env vars from AWS Secrets Manager at task launch
SpotFleetAllocationStrategy lowestPrice Spot Fleet allocation strategy
SpotFleetAllowedInstanceTypes "" Allowed instance types for Spot Fleet
SpotFleetExcludedInstanceTypes "" Excluded instance types for Spot Fleet
SpotFleetMaxPrice "" Maximum price per hour for Spot Fleet
SpotFleetMinMemoryMiB 1000 Minimum memory (MiB) for Spot Fleet instances
SpotFleetMinOnDemandCount 1 (2 if HA) Minimum on-demand instances in Spot Fleet
SpotFleetMinVcpuCount 0 Minimum vCPU count for Spot Fleet instances
SpotFleetTargetType units Unit type for Spot Fleet target capacity
SpotInstanceBid "" Bid price in dollars for spot instances
SslPolicy "" SSL policy for the Rack load balancer
Subnet0CIDR 10.0.1.0/24 Public Subnet 0 CIDR block
Subnet1CIDR 10.0.2.0/24 Public Subnet 1 CIDR block
Subnet2CIDR 10.0.3.0/24 Public Subnet 2 CIDR block
SubnetPrivate0CIDR 10.0.4.0/24 Private Subnet 0 CIDR block
SubnetPrivate1CIDR 10.0.5.0/24 Private Subnet 1 CIDR block
SubnetPrivate2CIDR 10.0.6.0/24 Private Subnet 2 CIDR block
SwapSize 5 Default swap volume size in GB
SyslogDestination "" Syslog endpoint address
SyslogFormat rfc5424 Syslog message format
Tags "" Custom tags for AWS resources
Tenancy default EC2 instance tenancy (default or dedicated)
Version (required) Convox release version
VolumeSize 50 EBS volume size in GB per instance
VPCCIDR 10.0.0.0/16 VPC CIDR block
WhiteList "" CIDR allowlist for Rack API access

See Also

Convox Logo
Find
HomeProductPricingEnterpriseBlogDocumentation
Follow
LinkedInXGitHub
Chat
sales@convox.com
© Convox 2024 / A Curious Company
Privacy PolicyTerms of Use