Advanced environment variables
Advanced Environment VariablesΒΆ
Comet is configured primarily through the setting of various environment variables which are then read by the application. All known environment variables are documented below, along with the expected datatype for the values. The following list includes the relevant environment variables that are used to configure Comet, and their descriptions. If you come across any variable that is not documented here, please don't hesitate to ask for support from the deployment engineer
Depending on the deployment method, the way to set these variables may vary. For instance, if you are using Kubernetes Helm Chart, you may want to set these variables in the values.yaml file, which follows a different format (camel case, etc.). On the other hand, for an all-in-one or Linux server installation, you should set these variables by running cometctl aio update-config
| Environment Variable | Description |
|---|---|
| ADMIN_PASSWORD | This environment variable has been deprecated. All admin operations now require a User API Key with admin role/permissions. |
| COMET_BASE_URL | This variable is used to establish an HTTP(S) connection between Comet Python SDK and Comet Server. It is also used to generate links when sending emails. |
| COMET_WS_BASE_URL | This variable is used to establish a WebSocket connection between Comet Python SDK and Comet Server. |
| REDIS_HOST | Comet server uses Redis as a cache layer and as a queue system. |
| REDIS_BACKUP_PATH | If Redis is unavailable, Comet application will temporarily write to disk and will try to re-process the data once Redis is available. |
| REDIS_STDOUT_HOST | Same as Redis Host |
| REDIS_METRICS_HOST | Same as Redis Host |
| REDIS_SSL | Enable TLS communication from Comet application server to Redis. |
| MPM_ENABLED | Enable Model Production Monitoring (https://www.comet.com/site/products/model-production-monitoring/) |
| MPM_REDIS_HOST | Redis is the cache layer used by Comet server, also Comet uses Redis as queue system. |
| MPM_REDIS_BACKUP_PATH | Comet application can store data on disk temporarily in case Redis is unavailable. |
| MPM_REDIS_MAX_TOTAL_WORKERS | Estabilish the number of open connection that the backend opens with Redis. |
| MPM_REDIS_MAX_WAIT_TIME_MS | Maximum time the backend will wait for a free connection from the pool. |
| MPM_REDIS_SSL | Enable TLS communication from Comet application server to Redis. |
| MPM_REDIS_READ_TIMEOUT_MS | Timeout in milliseconds for Redis read requests. |
| MYSQL_USE_SSL | Enable TLS communication from Comet application server to Mysql. |
| MYSQL_PUBLIC_KEY_RETRIVAL | Allow a special handshake round-trip to get an RSA public key directly from the MySQL server. This is used as a parameter to create a connection with MySQL. |
| MYSQL_AWS_REGION_NAME | This is only applicable when using AWS IAM Roles in order to allow the application to authenticate using IAM Roles to RDS (MySQL). |
| INIT_DB | Create the DB and schema on the Mysql database. This will allow automatic DB schema upgrades. |
| INIT_PROJECT_CARDS | Upload images to the configured S3 bucket for project cards. This is to display project icons in the UI. |
| WAIT_FOR_RESOURCES_ON_STARTUP | In case MySQL, Redis or S3 is unavailable at application startup, this will instruct the application to keep retrying to connect. |
| MYSQL_IAM_SERVICE_ACCOUNT_ENABLED | Configure the Comet application to use IAM Roles for Service Account (Kubernetes) to connect to RDS (passwordless authentication). |
| MYSQL_IAM_ENABLED | Configure the Comet application to use IAM Roles (EC2) to connect to RDS (passwordless authentication). |
| MYSQL_SHOULD_CHECK_MAX_ALLOWED_PACKET | We require the Mysql server to set the parameter max_allowed_packet to in order to insert and query MEDIUMTEXT's fields in the Mysql DB. Those are used for storing metrics blobs. Comet application will not startup if this is set to True and Mysql server is not configured properly |
| COMET_STATS_LICENSE_REPORT_ENABLED | Comet application will submit encrypted usage information to Comet Servers to allow analytics. |
| COMET_STATS_EVENTS_ENABLED | Comet application will submit encrypted usage and BI events information to Comet Servers to allow analytics. |
| AWS_STS_REGIONAL_ENDPOINTS | This is only applicable when using AWS IAM Roles and AWS Secrets Manager. Force the application to query only the Regional STS endpoints. |
| ENABLE_READ_ONLY_API_KEY | This feature allows users to enable a read-only API key in the application that grants read-only access to all workspaces and projects. Set it to "True" to enable it. |
| ADMIN_READ_API_KEY | Used to set up the actual read-only API key. This variable should be set to a string value that represents the API key. Once set, the application will use this API key to authenticate all read-only requests to the system. |
| CHARGEBACK_USAGE_REPORT_ENABLED | Chargeback reports are a JSON blob that will provide information such as list of users, projects, and workspaces as well as usage information. |
| ADMIN_USER_LIST | ['username1'] - This is used to set regular users to become Admin, mostly used in cases that no one in the organization has the admin role. |
| COMET_IMITATION_USER_LIST | This is to allow a specific user to impersonate another user. Mostly used for debugging purposes. |
| FEATURES_COLLABORATION_DISABLED | Disable all Comet collaboration features |
| COMET_ENCRYPTION_KEY | This variable is a salt hash used to encrypt user data in the Comet application database. |
| JWT_SAME_SITE | Determines whether the SameSite attribute should be set for JWT cookies, allowing or disallowing cross-site requests. It is used to prevent CSRF attacks and can be set to either 'Lax' or 'Strict'. |
| MAX_METRIC_NAMES | This variable sets the maximum number of metric names that can be tracked in the Comet application. |
| MAX_PARAM_NAMES | This variable sets the maximum number of parameter names that can be tracked in the Comet application. |
| MAX_LOG_OTHER_NAMES | This variable sets the maximum number of additional log names that can be tracked in the Comet application. |
| ADMIN_LOCALHOST_ONLY | When set to True, this variable restricts administrative API access to the Comet application to the localhost. |
| ENABLE_S3_METADATA_ON_UPLOAD | enables the writing of additional metadata to an S3 object, including information about the user who uploaded it, the workspace it belongs to, and the original filename. |
| WEBHOOKS_ENABLED | This variable enables webhook integration with the Comet application, allowing for notifications and other external integrations. |
| AUTO_JOIN_WORKSPACES | This variable will add user automatically to specific workspaces. Expects workspaces in the following format: [team1, team2] |
| AUTH_OVERRIDE_PROVIDER | This variable is used to override the current authentication provider. When set to True, it enables merging existing local accounts with SSO accounts after SSO configuration. The account emails must match for proper function. |
Dec. 19, 2023