Pantavisor Configuration

This reference is for advanced users. Before manually editing these values in your config, check if what you intend to do can be achieved through one of the build options.

There are three ways to tweak with Pantavisor configuration, depending on when it can be modified: at compile time, after an update or during runtime.

At compile time

You can take a look at the configuration files we use to build our supported platforms here.

pantavisor.config

Key	Value	Default	Description
system.init.mode	embedded, standalone or appengine	embedded	pantavisor init mode
system.libdir	path	/lib	set lib path
system.etcdir	path	/etc	set etc path
system.rundir	path	/pv	set run path
system.mediadir	path	/media	set media path
system.confdir	path	/configs	set config path
debug.shell	0 or 1	1	enable debug shell
debig.ssh	0 or 1	1	enable debug ssh server
dropbear.cache.dir	path	/storage/cache/dropbear	set dropbear cache path
meta.cache.dir	path	/storage/cache/meta	set metadata cache
bootloader.type	uboot, uboot-pvk or grub	uboot	set type of bootloader
bootloader.mtd_only	0 or 1	0	enable MTD
bootloader.mtd_env	path	N/A	set MTD path
secureboot.mode	disabled, audit, lenient or strict	lenient	set secureboot severity level
secureboot.certdir	path	/certs	set cert path
storage.device	path	N/A	set storage path
storage.fstype	ext4, ubifs or jffs2	N/A (mandatory)	journaling file system
storage.opts	N/A	N/A	not implemented
storage.mntpoint	path	N/A (mandatory)	set pv mount point
storage.mnttype	ext4	disabled	pv mount file system
storage.logtempsize	size	disabled	sets the size of memory dedicated for log storage. The size may have a k, m or g suffix or a % suffix for percentage of memory
storage.wait	integer	5	wait for storage to be available
storage.gc.reserved	integer	5	garbage collector will try to always keep this percentage of disk free
storage.gc.keep_factory	0 or 1	0	avoid deletion of revision 0 objects by the garbage collector
storage.gc.threshold	integer	0	garbage collector will be triggered if there is less than this percentage of disk free. 0 means it will just be run when an update needs more space than available
storage.gc.threshold.defertime	integer	600	time in seconds the garbage collector threshold will be deferred after a new object has been put from the pvctrl objects endpoint
disk.voldir	path	/volumes	set volumes path
updater.conditions.timeout	integer	120	set time in seconds before an update is considered to have failed if not all conditions have been met at that point
updater.use_tmp_objects	0 or 1	0	download objects in an on-disk temporary location. If disabled, objects will be stored in memory while downloading
revision.retries	integer	10	max number of update retries before rollback
revision.retries.timeout	integer	120	set time in seconds before a failed update is retired
wdt.enabled	0 or 1	1	enable kernel watchdog
wdt.timeout	integer	15	set reset timeout in seconds for kernel watchdog
net.brdev	string	lxcbr0	container bridge name
net.braddress4	ip	10.0.3.1	container bridge address
net.brmask4	ip	255.255.255.0	container bridge mask address
log.dir	path	/storage/logs/	set log storage path
lxc.log.level	integer	2	0 to 8 lxc log verbosity level
control.remote	0 or 1	1	enable all communication with Pantahub

Example of pantavisor.config:

bootloader.type=normal-uboot
storage.device=LABEL=pvroot
storage.fstype=ext4
storage.opts=
storage.mntpoint=/storage
wdt.enabled=1
wdt.timeout=30

pantahub.config

Key	Value	Default	Description
creds.type	builtin and ext-*	builtin	set type of authentication
creds.host	ip	192.168.53.1	Pantahub IP
creds.port	port	12365	Pantahub port
creds.proxy.host	proxy host	NULL	Proxy Host (if enabled)
creds.proxy.port	proxy port	3128	Proxy Port
creds.proxy.noproxyconnect	int	0	Disable Proxyconnect protocol (basic http proxy for TLS)
creds.id	string	unset (set after claim)	device id
creds.prn	string	unset (set after claim)	device prn
creds.secret	string	unset (set after claim)	device secret
creds.tpm.key	string	disabled	TMP key
creds.tpm.cert	string	disabled	TMP certificate
factory.autotok	string	disabled	token for auto claiming
updater.keep_factory	0 or 1	0	DEPRECATED: moved to storage.gc.keep_factory in pantavisor.config
updater.interval	integer	60	time between Pantahub requests during waiting operation
updater.network_timeout	integer	120	wait time in seconds before rollback if device does not get network connectivity
updater.commit.delay	integer	180	testing time in seconds after an update
log.dir	path	/storage/logs/	DEPRECATED: moved to pantavisor.config
log.maxsize	integer	2097152 B (2 MB)	max size of a log file before rotating
log.level	0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL)	5	pantavisor log will only capture messages from the set loglevel to 0
log.buf_nitems	integer	128 KB	log buffer size
log.push	0 or 1	1	push logs to cloud. Can be overriden using metadata
log.capture	0 or 1	1	store logs. Disable will stop log push too
log.loggers	0 or 1	1	disable loggers that tail traditional log files used inside containers - often seen in system containers
log.stdout	0 or 1	0	enable pantavisor logs to go to stdout aka dmesg; remember to set ignore_loglevel and printk.devkmsg=on in /proc/cmdline to get all messages on console
libthttp.log.level	0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL)	3	libthttp log will obly capture messages from set level to 0

Example of pantahub.config:

log.level=5
log.buf_nitems=128
updater.interval=5
updater.network_timeout=60
updater.commit.delay=40
creds.host=api.pantahub.com
creds.port=443
creds.id=
creds.prn=
creds.secret=

After an update

Some of the values from the previous section can be overridden when making a new revision of your device's firmware. To do so, you must create a new file with the same format we use for pantavisor.config and reference it from bsp/run.json.

These are the keys that are accepted in this revision configuration. See the previous section for reference:

• storage.wait
• storage.gc.reserved
• storage.gc.keep_factory
• storage.gc.threshold
• storage.gc.threshold.defertime
• updater.conditions.timeout
• updater.use_tmp_objects
• revision.retries
• revision.retries.timeout
• updater.keep_factory
• updater.interval
• updater.network_timeout
• updater.commit.delay
• creds.proxy.host
• creds.proxy.port
• creds.proxy.noproxyconnect
• log.maxsize
• log.level
• log.buf_nitems
• log.push
• log.capture
• libthttp.log.level
• lxc.log.level

For example, we create this file:

$ cat bsp/trail.config 
log.level=3
storage.gc.threshold=30

Now, we reference it from our bsp run.json, using the key initrd_config:

$ cat bsp/run.json 
{
        "addons": [],
        "firmware": "firmware.squashfs",
        "initrd": "pantavisor",
        "linux": "kernel.img",
        "modules": "modules.squashfs",
        "initrd_config": "trail.config"
}

To finish the process, we commit and post the new revision

$ pvr commit
Committing /home/anibal/.pvr/objects/bsp/run.json
Adding bsp/trail.config
$ pvr post -m "change loglevel and storage threshold for this revision"

During runtime

Metadata can be used to override the values from the previous sections.

These are the keys that are accepted in metadata configuration. See the previous section for reference:

• storage.gc.reserved
• storage.gc.keep_factory
• storage.gc.threshold
• storage.gc.threshold.defertime
• updater.interval
• log.level
• log.push
• libthttp.log.level