Configuration
Lunar Interceptor Configuration
The following table describes the environment variables that can be used to configure Lunar Interceptor.
| VARIABLE | Description | Required? | Default Value | Example |
|---|---|---|---|---|
LUNAR_PROXY_HOST | Configure Lunar Proxy IP and Port | Yes | -- | lunar-proxy:8000 |
LUNAR_HANDSHAKE_PORT | Configure Lunar Proxy Handshake Port. This port is represented as ENGINE_ADMIN_PORT on the Proxy configurations | No | 8081 | 9292 |
LUNAR_INTERCEPTOR_LOG_LEVEL | Configure the log level of the Interceptor | No | ERROR | DEBUG |
LUNAR_ALLOW_LIST | When this variable is set, only requests to domains that are in LUNAR_ALLOW_LIST are forwarded to Lunar Proxy (any other request is sent directly to the API provider) | No | 1 | use.com,192.168.1.1 |
LUNAR_BLOCK_LIST | When this variable is set, requests to domains that are in LUNAR_BLOCK_LIST are not forwarded to Lunar Proxy (instead they are sent directly to the API provider) | No | 2 | do_not_use.com,192.168.1.2 |
LUNAR_ENTER_COOLDOWN_AFTER_ATTEMPTS | Configure the number of successive failed connection attempts that trigger a Failsafe mechanism | No | 5 | 10 |
LUNAR_EXIT_COOLDOWN_AFTER_SEC | Configure the cooldown time in seconds for turning back Proxy availability | No | 10 | 20 |
note
An alternative method for enabling or preventing the forwarding of traffic to Lunar Proxy is by incorporating the x-lunar-allow header. It's essential to ensure that the value of this header is provided as a string, not as a boolean.
- Setting it to
"true": The Interceptor will proceed to route the request to Lunar Proxy. - Setting it to
"false": The Interceptor will directly dispatch the request to the API provider.
To apply a configuration to Lunar Interceptor or Proxy, simply export the relevant env var with the desired value before running them.
export VARIABLE=Value
Lunar Proxy Configuration
| Variable | K8S Variable | Description | Required? | Default Value | Possible Values |
|---|---|---|---|---|---|
TENANT_NAME | tenantName | Configure the name for your organization | Yes | -- | The name of your organization, e.g. Acme, Google |
BIND_PORT | service.port | Configure the bind port Lunar Proxy listens on | No | 8000 | Any accessible port |
ENGINE_ADMIN_PORT | service.adminPort | Configure the admin port Lunar Proxy listens on. Also responsible for the Interceptor handshake | No | 8081 | Any accessible port |
LUNAR_HEALTHCHECK_PORT | service.healthCheckPort | Configure the port Lunar Proxy listens on | No | 8040 | Any accessible port |
LOG_LEVEL | logLevel | Configure the log level | No | ERROR | DEBUG, INFO, WARN, ERROR |
ENV | env | To set the environments stage | No | prod | prod, dev |
LUNAR_TELEMETRY | telemetryEnabled | Allow the user to disable telemetry report | No | true | true, false |
LUNAR_ACCESS_LOGS_OUTPUT | - | Configure the output for access logs | No | stdout | stdout, NULL |
LUNAR_ENGINE_FAILSAFE_ENABLED | engineFailsafeEnabled | Configured to handle critical error in Lunar Engine to keep passing directly to the Provider | No | true | true, false |
REDIS_PREFIX | redisPrefix | Prefix for Redis keys | No | lunar | Prefix for Redis keys |
REDIS_USE_CLUSTER | redisUseCluster | Enable the use of Redis Cluster | No | false | true, false |
REDIS_USE_CA_CERT | - | Enable the use of CA certificate for Redis mTLS connection | No | false | true, false |
REDIS_CA_CERT_PATH | - | Path to the CA certificate file for Redis mTLS connection | No | /etc/redis/ca.crt | Path to the CA certificate file |
REDIS_USE_CLIENT_CERT | - | Enable the use of client certificate for Redis mTLS connection | No | false | true, false |
REDIS_CLIENT_CERT_PATH | - | Path to the client certificate file for Redis mTLS connection | No | /etc/redis/client.crt | Path to the client certificate file |
REDIS_CLIENT_KEY_PATH | - | Path to the client key file for Redis mTLS connection | No | /etc/redis/client.key | Path to the client key file |
note
- Port must be accessible by Lunar Interceptor
- The default port is
8000 - The default port for handshake is
8081 - When
ENGINE_ADMIN_PORTare change, then Lunar InterceptorLUNAR_HANDSHAKE_PORTshould be updated as well. - When
BIND_PORTare changed, then Lunar InterceptorLUNAR_PROXY_HOSTshould be updated as well.
Configuration Example
- Docker
- K8S
- Local
docker run -d --rm -e TENANT_NAME="Acme Corp." -e LOG_LEVEL=DEBUG -e BIND_PORT=8000 -e ENGINE_ADMIN_PORT=8081 -e LUNAR_HEALTHCHECK_PORT=8040 -p 8000:8000 -p 8081:8081 -p 8040:8040 --name lunar-proxy lunarapi/lunar-proxy:latest
helm install lunar-proxy lunar/lunar-proxy --set service.port=8000 --set service.adminPort=8081 --set service.healthCheckPort=8040 --set logLevel=DEBUG --set tenantName="Acme Corp."
export BIND_PORT="8000"
export ENGINE_ADMIN_PORT="8081"
export LUNAR_HEALTHCHECK_PORT="8040"
export LOG_LEVEL="DEBUG"
export TENANT_NAME="Acme Corp."