Merge branch 'current' of github.com:vyos/vyos-documentation into current

docs/configuration/container/index.rst

@@ -133,6 +133,17 @@ Configuration
    - **always**: Restart containers when they exit, regardless of status,
      retrying indefinitely
 
+.. cfgcmd:: set container name <name> cpu-quota <num>
+
+   This specifies the number of CPU resources the container can use.
+
+   Default is 0 for unlimited.
+   For example, 1.25 limits the container to use up to 1.25 cores
+   worth of CPU time.
+   This can be a decimal number with up to three decimal places.
+
+   The command translates to "--cpus=<num>" when the container is created.
+
 .. cfgcmd:: set container name <name> memory <MB>
 
    Constrain the memory available to the container.
@@ -157,6 +168,17 @@ Configuration
      setdomainame)
    - **sys-time**: Permission to set system clock
 
+.. cfgcmd:: set container name <name> sysctl parameter <parameter> value <value>
+
+   Set container sysctl values.
+
+   The subset of possible parameters are:
+
+   - Kernel Parameters: kernel.msgmax, kernel.msgmnb, kernel.msgmni, kernel.sem,
+     kernel.shmall, kernel.shmmax, kernel.shmmni, kernel.shm_rmid_forced
+   - Parameters beginning with fs.mqueue.*
+   - Parameters beginning with net.* (only if user-defined network is used)
+
 .. cfgcmd:: set container name <name> label <label> value <value>
 
    Add metadata label for this container.

docs/configuration/loadbalancing/reverse-proxy.rst

@@ -118,11 +118,6 @@ Backend
 
   Configure backend `<name>` mode TCP or HTTP
 
-.. cfgcmd:: set load-balancing reverse-proxy backend <name> parameters
-   http-check
-
-  Enable layer 7 HTTP health check
-
 .. cfgcmd:: set load-balancing reverse-proxy backend <name> server
    <name> address <x.x.x.x>
 
@@ -166,8 +161,34 @@ Backend
   Set custom HTTP headers to be included in all responses using the backend
 
 
-HTTP health check
+Global
-^^^^^^^^^^^^^^^^^
+-------
+
+Global parameters
+
+.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections
+   <num>
+
+  Limit maximum number of connections
+
+.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers
+   <ciphers>
+
+  Limit allowed cipher algorithms used during SSL/TLS handshake
+
+.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min
+   <version>
+
+  Specify the minimum required TLS version 1.2 or 1.3
+
+
+Health checks
+=============
+
+
+HTTP checks
+-----------
+
 For web application providing information about their state HTTP health
 checks can be used to determine their availability.
 
@@ -190,31 +211,32 @@ checks can be used to determine their availability.
    expect <condition>
 
   Sets the expected result condition for considering a server healthy.
+
   Some possible examples are:
    * ``status 200`` Expecting a 200 response code
    * ``status 200-399`` Expecting a non-failure response code
    * ``string success`` Expecting the string `success` in the response body
 
 
-Global
+TCP checks
--------
+----------
 
-Global parameters
+Health checks can also be configured for TCP mode backends. You can configure
+protocol aware checks for a range of Layer 7 protocols:
 
-.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections
+.. cfgcmd:: set load-balancing reverse-proxy backend <name> health-check <protocol>
-   <num>
 
-  Limit maximum number of connections
+  Available health check protocols:
+   * ``ldap`` LDAP protocol check.
+   * ``redis`` Redis protocol check.
+   * ``mysql`` MySQL protocol check.
+   * ``pgsql`` PostgreSQL protocol check.
+   * ``smtp`` SMTP protocol check.
 
-.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers
+.. note:: If you specify a server to be checked but do not configure a
-   <ciphers>
+   protocol, a basic TCP health check will be attempted. A server shall be
-
+   deemed online if it responses to a connection attempt with a valid
-  Limit allowed cipher algorithms used during SSL/TLS handshake
+   ``SYN/ACK`` packet.
-
-.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min
-   <version>
-
-  Specify the minimum required TLS version 1.2 or 1.3
 
 
 Redirect HTTP to HTTPS

docs/contributing/build-vyos.rst

@@ -65,10 +65,14 @@ To start, clone the repository to your local machine:
   $ ./configure --architecture amd64 --build-by "j.randomhacker@vyos.io"
   $ sudo make iso
 
-  # For VyOS 1.4 (sagitta) and VyOS 1.5 (circinus,current)
+  # For VyOS 1.4 (sagitta)
   $ sudo make clean
   $ sudo ./build-vyos-image iso --architecture amd64 --build-by "j.randomhacker@vyos.io"
 
+  # For VyOS 1.5 (circinus,current)
+  $ sudo make clean
+  $ sudo ./build-vyos-image generic --architecture amd64 --build-by "j.randomhacker@vyos.io"
+
 For the packages required, you can refer to the ``docker/Dockerfile`` file
 in the repository_. The ``./build-vyos-image`` script will also warn you if any
 dependencies are missing.
@@ -274,10 +278,14 @@ Start the build:
   vyos_bld@8153428c7e1f:/vyos$ ./configure --architecture amd64 --build-by "j.randomhacker@vyos.io"
   vyos_bld@8153428c7e1f:/vyos$ sudo make iso
 
-  # For VyOS 1.4 (sagitta) For VyOS 1.5 (circinus,current)
+  # For VyOS 1.4 (sagitta)
   vyos_bld@8153428c7e1f:/vyos$ sudo make clean
   vyos_bld@8153428c7e1f:/vyos$ sudo ./build-vyos-image iso --architecture amd64 --build-by "j.randomhacker@vyos.io"
 
+  # For VyOS 1.5 (circinus,current)
+  vyos_bld@8153428c7e1f:/vyos$ sudo make clean
+  vyos_bld@8153428c7e1f:/vyos$ sudo ./build-vyos-image generic --architecture amd64 --build-by "j.randomhacker@vyos.io"
+
 When the build is successful, the resulting iso can be found inside the
 ``build`` directory as ``live-image-[architecture].hybrid.iso``.