Server Configuration
Introduction¶
The BrainFrame server uses a docker-compose.yml
file to configure
many aspects of its runtime behavior. Some options may be changed by
setting environment variables in a .env
file, placed in the same
directory as the docker-compose.yml
file.
Any options not exposed here may be overridden by creating a
docker-compose.override.yml
file in the same directory. Configuration
written here will be applied over the original docker-compose.yml
.
Port Configuration¶
BrainFrame makes three ports available to the host environment by
default, the API and documentation on port 80, the Postgres database on
port 5432, and the StreamGateway server on port 8004. If these ports
conflict with other software running on the host machine, they can be
changed by setting the SERVER_PORT
, DATABASE_PORT
,
STREAM_GATEWAY_PORT
, and RABBITMQ_PORT
variables in the .env
file.
BrainFrame may also proxy video streams to ports in the range 10000-20000. At this time, there is no way to reconfigure these ports.
SERVER_PORT=80
DATABASE_PORT=5432
STREAM_GATEWAY_PORT=8004
RABBITMQ_PORT=5672
Authorization Configuration¶
By default, BrainFrame does not authorize clients and all clients have admin
permissions. If your server is being deployed in a network where access control
is desirable, authorization can be turned on using the AUTHORIZE_CLIENTS
variable in the .env
file.
AUTHORIZE_CLIENTS=true
Warning
The admin user is given a default password of "admin". This should be changed to a secure and unique password for public deployments.
Currently, the admin user's password may only be changed through the REST API.
The following is an example curl
command for doing this. Replace [hostname]
with the hostname of the BrainFrame server and [new password]
with the desired
password.
curl 'http://[hostname]/api/users' \
--user 'admin:admin' \
--request POST \
--header 'Content-Type: application/json' \
--data '{
"id": 1,
"username": "admin",
"password": "[new password]",
"role": "admin"
}'
User Configuration¶
BrainFrame is designed to run using the account of the current non-root user. By
default, 1000 is used for both the user ID and group ID, which matches the
default on most Linux systems. These IDs may be adjusted using the UID
and
GID
variables in the .env
file.
UID=1001
GID=1001
To check the IDs of the currently logged in user, run id -u
for the UID and
id -g
for the GID.
Journal Pruning¶
BrainFrame records analytics results to a Postgres database. Over a long period of time, this can result in a lot of data. To avoid unbounded storage use, BrainFrame prunes journal entries over time and deletes journal entries that are past a certain age.
Journal pruning behavior is controlled by the "pruning age" and "pruning
fraction" variables. The pruning age controls how old a journal entry
must be before it becomes a candidate for pruning. This value also
controls at what interval pruning is run. The pruning fraction variable
controls what portion of journal entries are pruned each time pruning is
run. The pruning fraction variable is a value between 0 and 1, where 0
results in no pruning, and 1 results in the deletion of all journaling
information past the pruning age. These variables may be configured by
setting the PRUNING_AGE
(specified as a duration)
and PRUNING_FRACTION
variables in the .env
file.
# Start pruning journal entries after 1 hour, and run pruning every hour
PRUNING_AGE=0d1h0m
# Prune 5% of all journal entries that are past the pruning age every run
PRUNING_FRACTION=0.05
All journaling information is deleted after it reaches the journal max
age. This value may be configured by setting the JOURNAL_MAX_AGE
variable (specified as a duration) in the .env
file.
# Keep journaling information for 60 days
JOURNAL_MAX_AGE=60d0h0m
Duration Format¶
Settings that specify a duration are in the format XdYhZm
, where X is
the number of days, Y is the number of hours, and Z is the number of
minutes.
AI Accelerator Configuration¶
At the moment the only control over AI accelerator is for OpenVINO devices.
It is possible to change the whitelisted devices and their priority with the
OPENVINO_DEVICE_PRIORITY
.
# Block any device except for CPU
OPENVINO_DEVICE_PRIORITY=CPU
# Load onto both CPU and HDDL, giving priority to CPU
OPENVINO_DEVICE_PRIORITY=CPU,HDDL
# Load onto both CPU and HDDL, giving priority to HDDL
OPENVINO_DEVICE_PRIORITY=HDDL,CPU