Configuration reference — NativeLink Docs

Every knob in the NativeLink JSON5 configuration — types, defaults, and links to source, autogenerated from the Rust config crate.

Version

This is the canonical NativeLink configuration reference for v1.5.2. It is autogenerated from the Rust config crate (nativelink-config/src) via the build-schema binary, so it can never drift from what the binary actually deserializes.

Top-level fields

The root object (CasConfig) accepts the following fields:

Field	Type	Required	Description
`stores`	array of NamedStoreConfig	Yes	List of stores available to use in this config. The keys can be used in other configs when needing to reference a store.
`workers`	array of WorkerConfig	—	Worker configurations used to execute jobs.
`schedulers`	array of NamedSchedulerConfig	—	List of schedulers available to use in this config. The keys can be used in other configs when needing to reference a scheduler.
`servers`	array of ServerConfig	Yes	Servers to setup for this process.
`experimental_origin_events`	OriginEventsSpec	—	Experimental - Origin events configuration. This is the service that will collect and publish nativelink events to a store for processing by an external service.
`global`	GlobalConfig	—	Any global configurations that apply to all modules live here.

Configuration types

Every type reachable from the root configuration, in reading order.

NamedStoreConfig

Common fields

Field	Type	Required	Default	Description
`name`	string	Yes	—

Plus exactly one of the following variants (the key selects the variant):

`cache_metrics`

Cache metrics store wraps another store and emits low-cardinality OpenTelemetry cache operation metrics for the wrapped store.

This wrapper is opt-in. Stores that are not explicitly wrapped by cache_metrics are constructed exactly as they are without this wrapper and do not pay its hot-path timing or recording cost.

Example JSON5 config:

"cache_metrics": {
  "cache_type": "cas",
  "backend": {
    "filesystem": {
      "content_path": "~/.cache/nativelink/content_path-cas",
      "temp_path": "~/.cache/nativelink/tmp_path-cas"
    }
  }
}

Type: CacheMetricsSpec

`memory`

Memory store will store all data in a hash map in memory.

Example JSON5 config:

"memory": {
  "eviction_policy": {
    "max_bytes": "10mb",
  }
}

Type: MemorySpec

`experimental_cloud_object_store`

A generic blob store that will store files on the cloud provider. This configuration will never delete files, so you are responsible for purging old files in other ways. It supports the following backends:

Amazon S3: S3 store will use Amazon's S3 service as a backend to store the files. This configuration can be used to share files across multiple instances. Uses system certificates for TLS verification via rustls-platform-verifier.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "aws",
  "region": "eu-north-1",
  "bucket": "crossplane-bucket-af79aeca9",
  "key_prefix": "test-prefix-index/",
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Google Cloud Storage: GCS store uses Google's GCS service as a backend to store the files. This configuration can be used to share files across multiple instances.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "gcs",
  "bucket": "test-bucket",
  "key_prefix": "test-prefix-index/",
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Azure Blob Store: Azure Blob store will use Microsoft's Azure Blob service as a backend to store the files. This configuration can be used to share files across multiple instances.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "azure",
  "account_name": "cloudshell1393657559",
  "container": "simple-test-container",
  "key_prefix": "folder/",
  "retry": {
      "max_retries": 6,
      "delay": 0.3,
      "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

NetApp ONTAP S3 NetApp ONTAP S3 store will use ONTAP's S3-compatible storage as a backend to store files. This store is specifically configured for ONTAP's S3 requirements including custom TLS configuration, credentials management, and proper vserver configuration.

This store uses AWS environment variables for credentials:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "ontap",
  "endpoint": "https://ontap-s3-endpoint:443",
  "vserver_name": "your-vserver",
  "bucket": "your-bucket",
  "root_certificates": "/path/to/certs.pem",  // Optional
  "key_prefix": "test-prefix/",               // Optional
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Type: ExperimentalCloudObjectSpec

`ontap_s3_existence_cache`

ONTAP S3 Existence Cache provides a caching layer on top of the ONTAP S3 store to optimize repeated existence checks. It maintains an in-memory cache of object digests and periodically syncs this cache to disk for persistence.

The cache helps reduce latency for repeated calls to check object existence, while still ensuring eventual consistency with the underlying ONTAP S3 store.

Example JSON5 config:

"ontap_s3_existence_cache": {
  "index_path": "/path/to/cache/index.json",
  "sync_interval_seconds": 300,
  "backend": {
    "endpoint": "https://ontap-s3-endpoint:443",
    "vserver_name": "your-vserver",
    "bucket": "your-bucket",
    "key_prefix": "test-prefix/"
  }
}

Type: OntapS3ExistenceCacheSpec

`verify`

Verify store is used to apply verifications to an underlying store implementation. It is strongly encouraged to validate as much data as you can before accepting data from a client, failing to do so may cause the data in the store to be populated with invalid data causing all kinds of problems.

The suggested configuration is to have the CAS validate the hash and size and the AC validate nothing.

Example JSON5 config:

"verify": {
  "backend": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "500mb"
      }
    },
  },
  "verify_size": true,
  "verify_hash": true
}

Type: VerifySpec

`completeness_checking`

Completeness checking store verifies if the output files & folders exist in the CAS before forwarding the request to the underlying store. Note: This store should only be used on AC stores.

Example JSON5 config:

"completeness_checking": {
  "backend": {
    "filesystem": {
      "content_path": "~/.cache/nativelink/content_path-ac",
      "temp_path": "~/.cache/nativelink/tmp_path-ac",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  "cas_store": {
    "ref_store": {
      "name": "CAS_MAIN_STORE"
    }
  }
}

Type: CompletenessCheckingSpec

`compression`

A compression store that will compress the data inbound and outbound. There will be a non-trivial cost to compress and decompress the data, but in many cases if the final store is a store that requires network transport and/or storage space is a concern it is often faster and more efficient to use this store before those stores.

Example JSON5 config:

"compression": {
  "compression_algorithm": {
    "lz4": {}
  },
  "backend": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-cas",
      "temp_path": "/tmp/nativelink/data/tmp_path-cas",
      "eviction_policy": {
        "max_bytes": "2gb",
      }
    }
  }
}

Type: CompressionSpec

`dedup`

A dedup store will take the inputs and run a rolling hash algorithm on them to slice the input into smaller parts then run a sha256 algorithm on the slice and if the object doesn't already exist, upload the slice to the content_store using a new digest of just the slice. Once all parts exist, an Action-Cache-like digest will be built and uploaded to the index_store which will contain a reference to each chunk/digest of the uploaded file. Downloading a request will first grab the index from the index_store, and forward the download content of each chunk as if it were one file.

This store is exceptionally good when the following conditions are met:

Content is mostly the same (inserts, updates, deletes are ok)
Content is not compressed or encrypted
Uploading or downloading from content_store is the bottleneck.

Note: This store pairs well when used with CompressionSpec as the content_store, but never put DedupSpec as the backend of CompressionSpec as it will negate all the gains.

Note: When running .has() on this store, it will only check to see if the entry exists in the index_store and not check if the individual chunks exist in the content_store.

Example JSON5 config:

"dedup": {
  "index_store": {
    "memory": {
      "eviction_policy": {
         "max_bytes": "1GB",
      }
    }
  },
  "content_store": {
    "compression": {
      "compression_algorithm": {
        "lz4": {}
      },
      "backend": {
        "fast_slow": {
          "fast": {
            "memory": {
              "eviction_policy": {
                "max_bytes": "500MB",
              }
            }
          },
          "slow": {
            "filesystem": {
              "content_path": "/tmp/nativelink/data/content_path-content",
              "temp_path": "/tmp/nativelink/data/tmp_path-content",
              "eviction_policy": {
                "max_bytes": "2gb"
              }
            }
          }
        }
      }
    }
  }
}

Type: DedupSpec

`existence_cache`

Existence store will wrap around another store and cache calls to has so that subsequent has_with_results calls will be faster. This is useful for cases when you have a store that is slow to respond to has calls. Note: This store should only be used on CAS stores.

Example JSON5 config:

"existence_cache": {
  "backend": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  // Note this is the existence store policy, not the backend policy
  "eviction_policy": {
    "max_seconds": 100,
  }
}

Type: ExistenceCacheSpec

`fast_slow`

FastSlow store will first try to fetch the data from the fast store and then if it does not exist try the slow store. When the object does exist in the slow store, it will copy the data to the fast store while returning the data. This store should be thought of as a store that "buffers" the data to the fast store. On uploads it will mirror data to both fast and slow stores.

WARNING: If you need data to always exist in the slow store for something like remote execution, be careful because this store will never check to see if the objects exist in the slow store if it exists in the fast store (i.e., it assumes that if an object exists in the fast store it will exist in the slow store).

Example JSON5 config:

"fast_slow": {
  "fast": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-index",
      "temp_path": "/tmp/nativelink/data/tmp_path-index",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  "slow": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-index",
      "temp_path": "/tmp/nativelink/data/tmp_path-index",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  }
}

Type: FastSlowSpec

`shard`

Shards the data to multiple stores. This is useful for cases when you want to distribute the load across multiple stores. The digest hash is used to determine which store to send the data to.

Example JSON5 config:

"shard": {
  "stores": [
   {
    "store": {
      "memory": {
        "eviction_policy": {
            "max_bytes": "10mb"
        },
      },
    },
    "weight": 1
  }]
}

Type: ShardSpec

`filesystem`

Stores the data on the filesystem. This store is designed for local persistent storage. Restarts of this program should restore the previous state, meaning anything uploaded will be persistent as long as the filesystem integrity holds.

Example JSON5 config:

"filesystem": {
  "content_path": "/tmp/nativelink/data-worker-test/content_path-cas",
  "temp_path": "/tmp/nativelink/data-worker-test/tmp_path-cas",
  "eviction_policy": {
    "max_bytes": "10gb",
  }
}

Type: FilesystemSpec

`ref_store`

Store used to reference a store in the root store manager. This is useful for cases when you want to share a store in different nested stores. Example, you may want to share the same memory store used for the action cache, but use a FastSlowSpec and have the fast store also share the memory store for efficiency.

Example JSON5 config:

"ref_store": {
  "name": "FS_CONTENT_STORE"
}

Type: RefSpec

`size_partitioning`

Uses the size field of the digest to separate which store to send the data. This is useful for cases when you'd like to put small objects in one store and large objects in another store. This should only be used if the size field is the real size of the content, in other words, don't use on AC (Action Cache) stores. Any store where you can safely use VerifySpec.verify_size = true, this store should be safe to use (i.e., CAS stores).

Example JSON5 config:

"size_partitioning": {
  "size": "128mib",
  "lower_store": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "${NATIVELINK_CAS_MEMORY_CONTENT_LIMIT:-100mb}"
      }
    }
  },
  "upper_store": {
    /// This store discards data larger than 128mib.
    "noop": {}
  }
}

Type: SizePartitioningSpec

`grpc`

This store will pass-through calls to another GRPC store. This store is not designed to be used as a sub-store of another store, but it does satisfy the interface and will likely work.

One major GOTCHA is that some stores use a special function on this store to get the size of the underlying object, which is only reliable when this store is serving the a CAS store, not an AC store. If using this store directly without being a child of any store there are no side effects and is the most efficient way to use it.

Example JSON5 config:

"grpc": {
  "instance_name": "main",
  "endpoints": [
    {"address": "grpc://${CAS_ENDPOINT:-127.0.0.1}:50051"}
  ],
  "connections_per_endpoint": "5",
  "rpc_timeout_s": "5m",
  "store_type": "ac",
  // Static headers attached to every outgoing request to the upstream
  // remote cache. Useful for fixed service-account credentials.
  "headers": {
    "authorization": "Bearer my-static-token"
  },
  // Header names to copy from the inbound client request and forward to
  // the upstream remote cache. Use this to pass through dynamic
  // credentials such as a JWT sent by the build client.
  "forward_headers": ["authorization", "x-custom-token"]
}

Type: GrpcSpec

`redis_store`

Stores data in any stores compatible with Redis APIs.

Pairs well with SizePartitioning and/or FastSlow stores. Ideal for accepting small object sizes as most Redis store services have a max file upload of between 256Mb-512Mb.

Example JSON5 config:

"redis_store": {
  "addresses": [
    "redis://127.0.0.1:6379/",
  ],
  "max_client_permits": 1000,
}

Type: RedisSpec

`noop`

Noop store is a store that sends streams into the void and all data retrieval will return 404 (NotFound). This can be useful for cases where you may need to partition your data and part of your data needs to be discarded.

Example JSON5 config:

"noop": {}

Type: NoopSpec

`experimental_mongo`

Experimental MongoDB store implementation.

This store uses MongoDB as a backend for storing data. It supports both CAS (Content Addressable Storage) and scheduler data with optional change streams for real-time updates.

Example JSON5 config:

"experimental_mongo": {
    "connection_string": "mongodb://localhost:27017",
    "database": "nativelink",
    "cas_collection": "cas",
    "key_prefix": "cas:",
    "read_chunk_size": 65536,
    "max_concurrent_uploads": 10,
    "enable_change_streams": false,
    "max_requests": "100"
}

Type: ExperimentalMongoSpec

WorkerConfig

Plus exactly one of the following variants (the key selects the variant):

`local`

A worker type that executes jobs locally on this machine.

Type: LocalWorkerConfig

NamedSchedulerConfig

Common fields

Field	Type	Required	Default	Description
`name`	string	Yes	—

Plus exactly one of the following variants (the key selects the variant):

ServerConfig

Field	Type	Required	Default	Description
`name`	string	—	{index of server in config}	Name of the server. This is used to help identify the service for telemetry and logs.
`listener`	ListenerConfig	Yes	—	Configuration
`services`	ServicesConfig	—	—	Services to attach to server.
`experimental_identity_header`	IdentityHeaderSpec	—	{see `IdentityHeaderSpec`}	The config related to identifying the client.

OriginEventsSpec

Field	Type	Required	Default	Description
`publisher`	OriginEventsPublisherSpec	Yes	—	The publisher configuration for origin events.
`max_event_queue_size`	integer (uint)	—	65536 (zero defaults to this)	The maximum number of events to queue before applying back pressure. IMPORTANT: Backpressure causes all clients to slow down significantly. Zero is default.

GlobalConfig

Field	Type	Required	Default	Description
`max_open_files`	integer (uint)	Yes	24576 (= 24 * 1024)	Maximum number of open files that can be opened at one time. This value is not strictly enforced, it is a best effort. Some internal libraries open files or read metadata from a files which do not obey this limit, however the vast majority of cases will have this limit be honored. This value must be larger than `ulimit -n` to have any effect. Any network open file descriptors is not counted in this limit, but is counted in the kernel limit. It is a good idea to set a very large `ulimit -n`. Note: This value must be greater than 10.
`default_digest_hash_function`	ConfigDigestHashFunction	—	`ConfigDigestHashFunction::sha256`	Default hash function to use while uploading blobs to the CAS when not set by client.
`default_digest_size_health_check`	integer (uint)	—	1024*1024 (1MiB)	Default digest size to use for health check when running diagnostics checks. Health checks are expected to use this size for filling a buffer that is used for creation of digest.

CacheMetricsSpec

Field	Type	Required	Default	Description
`cache_type`	string	Yes	—	Low-cardinality cache type label for metrics, for example `cas` or `ac`.
`backend`	StoreSpec	Yes	—	Store to wrap with cache operation metrics.

MemorySpec

Field	Type	Required	Default	Description
`eviction_policy`	EvictionPolicy	—	—	Policy used to evict items out of the store. Failure to set this value will cause items to never be removed from the store causing infinite memory usage.

ExperimentalCloudObjectSpec

See experimental_cloud_object_store for details

OntapS3ExistenceCacheSpec

Field	Type	Required	Default
`index_path`	string	Yes	—
`sync_interval_seconds`	integer (uint32)	Yes	—
`backend`	ExperimentalOntapS3Spec	Yes	—

VerifySpec

Field	Type	Required	Default	Description
`backend`	StoreSpec	Yes	—	The underlying store wrap around. All content will first flow through self before forwarding to backend. In the event there is an error detected in self, the connection to the backend will be terminated, and early termination should always cause updates to fail on the backend.
`verify_size`	boolean	—	`false`	If set the store will verify the size of the data before accepting an upload of data.
`verify_hash`	boolean	—	`false`	If the data should be hashed and verify that the key matches the computed hash. The hash function is automatically determined based request and if not set will use the global default.

CompletenessCheckingSpec

Field	Type	Required	Default	Description
`backend`	StoreSpec	Yes	—	The underlying store that will have it's results validated before sending to client.
`cas_store`	StoreSpec	Yes	—	When a request is made, the results are decoded and all output digests/files are verified to exist in this CAS store before returning success.

CompressionSpec

Field	Type	Required	Default	Description
`backend`	StoreSpec	Yes	—	The underlying store wrap around. All content will first flow through self before forwarding to backend. In the event there is an error detected in self, the connection to the backend will be terminated, and early termination should always cause updates to fail on the backend.
`compression_algorithm`	CompressionAlgorithm	Yes	—	The compression algorithm to use.

DedupSpec

Field	Type	Required	Default	Description
`index_store`	StoreSpec	Yes	—	Store used to store the index of each dedup slice. This store should generally be fast and small.
`content_store`	StoreSpec	Yes	—	The store where the individual chunks will be uploaded. This store should generally be the slower & larger store.
`min_size`	integer (uint32)	—	64k	Minimum size that a chunk will be when slicing up the content. Note: This setting can be increased to improve performance because it will actually not check this number of bytes when deciding where to partition the data.
`normal_size`	integer (uint32)	—	256k	A best-effort attempt will be made to keep the average size of the chunks to this number. It is not a guarantee, but a slight attempt will be made.
`max_size`	integer (uint32)	—	512k	Maximum size a chunk is allowed to be.
`max_concurrent_fetch_per_get`	integer (uint32)	—	10	Due to implementation detail, we want to prefer to download the first chunks of the file so we can stream the content out and free up some of our buffers. This configuration will be used to restrict the number of concurrent chunk downloads at a time per `get()` request.

ExistenceCacheSpec

Field	Type	Required	Default	Description
`backend`	StoreSpec	Yes	—	The underlying store wrap around. All content will first flow through self before forwarding to backend. In the event there is an error detected in self, the connection to the backend will be terminated, and early termination should always cause updates to fail on the backend.
`eviction_policy`	EvictionPolicy	—	—	Policy used to evict items out of the store. Failure to set this value will cause items to never be removed from the store causing infinite memory usage.

FastSlowSpec

Field	Type	Required	Default	Description
`fast`	StoreSpec	Yes	—	Fast store that will be attempted to be contacted before reaching out to the `slow` store.
`fast_direction`	StoreDirection	—	`"both"`	How to handle the fast store. This can be useful to set to Get for worker nodes such that results are persisted to the slow store only.
`slow`	StoreSpec	Yes	—	If the object does not exist in the `fast` store it will try to get it from this store.
`slow_direction`	StoreDirection	—	`"both"`	How to handle the slow store. This can be useful if creating a diode and you wish to have an upstream read only store.
`bypass_dedup_threshold_bytes`	integer (uint64)	—	disabled (0)	Reads of blobs at or above this size skip the leader/follower dedup map and stream straight from the slow store without populating the fast tier. `0` (the default) disables the bypass: every read goes through dedup, matching the prior behaviour. Enable it by setting a threshold — 256 MiB is a reasonable starting point for backends where large-blob dedup is a net loss (followers tend to time out anyway), but the right value is workload-dependent.

ShardSpec

Field	Type	Required	Default	Description
`stores`	array of ShardConfig	Yes	—	Stores to shard the data to.

FilesystemSpec

Field	Type	Required	Default	Description
`content_path`	string	Yes	—	Path on the system where to store the actual content. This is where the bulk of the data will be placed. On service startup this folder will be scanned and all files will be added to the cache. In the event one of the files doesn't match the criteria, the file will be deleted.
`temp_path`	string	Yes	—	A temporary location of where files that are being uploaded or deleted will be placed while the content cannot be guaranteed to be accurate. This location must be on the same block device as `content_path` so atomic moves can happen (i.e., move without copy). All files in this folder will be deleted on every startup.
`read_buffer_size`	integer (uint32)	—	32k	Buffer size to use when reading files. Generally this should be left to the default value except for testing.
`eviction_policy`	EvictionPolicy	—	—	Policy used to evict items out of the store. Failure to set this value will cause items to never be removed from the store causing infinite memory usage.
`block_size`	integer (uint64)	—	4kb	The block size of the filesystem for the running machine value is used to determine an entry's actual size on disk consumed For a 4KB block size filesystem, a 1B file actually consumes 4KB
`max_concurrent_writes`	integer (uint)	—	unlimited	Maximum number of concurrent write operations allowed. Each write involves streaming data to a temp file and calling `sync_all()`, which can saturate disk I/O when many writes happen simultaneously. Limiting concurrency prevents disk saturation from blocking the async runtime. A value of 0 means unlimited (no concurrency limit).

RefSpec

Field	Type	Required	Default	Description
`name`	string	Yes	—	Name of the store under the root "stores" config object.

SizePartitioningSpec

Field	Type	Required	Default	Description
`size`	integer (uint64)	Yes	—	Size to partition the data on.
`lower_store`	StoreSpec	Yes	—	Store to send data when object is < (less than) size.
`upper_store`	StoreSpec	Yes	—	Store to send data when object is >= (less than eq) size.

GrpcSpec

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Instance name for GRPC calls. Proxy calls will have the `instance_name` changed to this.
`endpoints`	array of GrpcEndpoint	Yes	—	The endpoint of the grpc connection.
`store_type`	StoreType	Yes	—	The type of the upstream store, this ensures that the correct server calls are made.
`retry`	Retry	—	—	Retry configuration to use when a network request fails.
`max_concurrent_requests`	integer (uint)	—	`0`	Limit the number of simultaneous upstream requests to this many. A value of zero is treated as unlimited. If the limit is reached the request is queued.
`connections_per_endpoint`	integer (uint)	—	`0`	The number of connections to make to each specified endpoint to balance the load over multiple TCP connections. Default 1.
`rpc_timeout_s`	integer (uint64)	—	0 (disabled)	Maximum time (seconds) allowed for a single RPC request (e.g. a `ByteStream.Write` call) before it is cancelled.
`use_legacy_resource_names`	boolean	—	false	Use legacy `ByteStream` resource name format, omitting the digest function component from the path.
`headers`	map of string to string	—	—	Static headers to attach to every outgoing gRPC request sent to this store's upstream endpoints. Useful for fixed authentication tokens (e.g. `{"authorization": "Bearer <token>"}`) and other static metadata.
`forward_headers`	array of string	—	—	Header names to forward from the incoming client request to every outgoing upstream request. The header value is taken from the client request that triggered this store operation. Use this to pass through dynamic credentials such as JWT tokens sent by build clients.

RedisSpec

Field	Type	Required	Default	Description
`addresses`	array of string	Yes	—	The hostname or IP address of the Redis server. Ex: `["redis://username:password@redis-server-url:6380/99"]` 99 Represents database ID, 6380 represents the port.
`response_timeout_s`	integer (uint64)	—	10	DEPRECATED: use `command_timeout_ms` The response timeout for the Redis connection in seconds.
`connection_timeout_s`	integer (uint64)	—	10	DEPRECATED: use `connection_timeout_ms`
`experimental_pub_sub_channel`	string	—	(Empty String / No Channel)	An optional and experimental Redis channel to publish write events to.
`key_prefix`	string	—	(Empty String / No Prefix)	An optional prefix to prepend to all keys in this store.
`mode`	RedisMode	—	standard,	Set the mode Redis is operating in.
`broadcast_channel_capacity`	integer (uint)	—	`0`	Deprecated as redis-rs doesn't use it
`command_timeout_ms`	integer (uint64)	—	10000 (10 seconds)	The amount of time in milliseconds until the Redis store considers the command to be timed out. This will trigger a retry of the command and potentially a reconnection to the Redis server.
`connection_timeout_ms`	integer (uint64)	—	3000 (3 seconds)	The amount of time in milliseconds until the Redis store considers the connection to unresponsive. This will trigger a reconnection to the Redis server.
`health_check_timeout_ms`	integer (uint64)	—	4000 (4 seconds)	Per-call ceiling for the `check_health` PING in milliseconds.
`read_chunk_size`	integer (uint)	—	64KiB	The amount of data to read from the Redis server at a time. This is used to limit the amount of memory used when reading large objects from the Redis server as well as limiting the amount of time a single read operation can take.
`connection_pool_size`	integer (uint)	—	3	The number of connections to keep open to the Redis servers.
`max_chunk_uploads_per_update`	integer (uint)	—	10	The maximum number of upload chunks to allow per update. This is used to limit the amount of memory used when uploading large objects to the Redis server. A good rule of thumb is to think of the data as: `AVAIL_MEMORY / (read_chunk_size * max_chunk_uploads_per_update) = THORETICAL_MAX_CONCURRENT_UPLOADS` (note: it is a good idea to divide `AVAIL_MAX_MEMORY` by ~10 to account for other memory usage)
`scan_count`	integer (uint)	—	10000	The COUNT value passed when scanning keys in Redis. This is used to hint the amount of work that should be done per response.
`retry`	Retry	—	—	Retry configuration to use when a network request fails.
`max_client_permits`	integer (uint)	—	500	Maximum number of permitted actions to the Redis store at any one time This stops problems with timeouts due to many, many inflight actions
`max_count_per_cursor`	integer (uint64)	—	1500	Maximum number of items returned per cursor for the search indexes May reduce thundering herd issues with worker provisioner at higher node counts,

NoopSpec

No fields.

ExperimentalMongoSpec

Configuration for ExperimentalMongoDB store.

Field	Type	Required	Default	Description
`connection_string`	string	Yes	—	`ExperimentalMongoDB` connection string. Example: <mongodb://localhost:27017> or <mongodb+srv://cluster.mongodb.net>
`database`	string	—	"nativelink"	The database name to use.
`cas_collection`	string	—	"cas"	The collection name for CAS data.
`scheduler_collection`	string	—	"scheduler"	The collection name for scheduler data.
`key_prefix`	string	—	""	Prefix to prepend to all keys stored in `MongoDB`.
`read_chunk_size`	integer (uint)	—	65536 (64KB)	The maximum amount of data to read from `MongoDB` in a single chunk (in bytes).
`max_concurrent_uploads`	integer (uint)	—	10	Deprecated, unused Maximum number of concurrent uploads allowed.
`connection_timeout_ms`	integer (uint64)	—	3000	Connection timeout in milliseconds.
`command_timeout_ms`	integer (uint64)	—	10000	Command timeout in milliseconds.
`enable_change_streams`	boolean	—	false	Enable `MongoDB` change streams for real-time updates. Required for scheduler subscriptions.
`write_concern_w`	string	—	—	Write concern 'w' parameter. Can be a number (e.g., 1) or string (e.g., "majority").
`write_concern_j`	boolean	—	—	Write concern 'j' parameter (journal acknowledgment).
`write_concern_timeout_ms`	integer (uint32)	—	—	Write concern timeout in milliseconds.
`max_requests`	integer (uint)	—	Unlimited	Limits the number of requests at any one time

LocalWorkerConfig

Field	Type	Required	Default	Description
`name`	string	—	{Index position in the workers list}	Name of the worker. This is give a more friendly name to a worker for logging and metric publishing. This is also the prefix of the worker id (i.e., "{name}{uuidv6}").
`worker_api_endpoint`	EndpointConfig	Yes	—	Endpoint which the worker will connect to the scheduler's `WorkerApiService`.
`max_action_timeout`	integer (uint)	—	20 minutes	The maximum time an action is allowed to run. If a task requests for a timeout longer than this time limit, the task will be rejected. Value in seconds.
`max_upload_timeout`	integer (uint)	—	10 minutes	Maximum time allowed for uploading action results to CAS after execution completes. If upload takes longer than this, the action fails with `DeadlineExceeded` and may be retried by the scheduler. Value in seconds.
`max_inflight_tasks`	integer (uint64)	—	0 (infinite tasks)	Maximum number of inflight tasks this worker can cope with.
`timeout_handled_externally`	boolean	—	false (`NativeLink` fully handles timeouts)	If timeout is handled in `entrypoint` or another wrapper script. If set to true `NativeLink` will not honor the timeout the action requested and instead will always force kill the action after `max_action_timeout` has been reached. If this is set to false, the smaller value of the action's timeout and `max_action_timeout` will be used to which `NativeLink` will kill the action.
`entrypoint`	string	—	{Use the command from the job request}	The command to execute on every execution request. This will be parsed as a command + arguments (not shell). Example: "run.sh" and a job with command: "sleep 5" will result in a command like: "run.sh sleep 5".
`experimental_precondition_script`	string	—	—	An optional script to run before every action is processed on the worker. The value should be the full path to the script to execute and will pause all actions on the worker if it returns an exit code other than 0. If not set, then the worker will never pause and will continue to accept jobs according to the scheduler configuration. This is useful, for example, if the worker should not take any more actions until there is enough resource available on the machine to handle them.
`cas_fast_slow_store`	string	Yes	—	Underlying CAS store that the worker will use to download CAS artifacts. This store must be a `FastSlowStore`. The `fast` store must be a `FileSystemStore` because it will use hardlinks when building out the files instead of copying the files. The slow store must eventually resolve to the same store the scheduler/client uses to send job requests.
`upload_action_result`	UploadActionResultConfig	—	—	Configuration for uploading action results.
`work_directory`	string	Yes	—	The directory work jobs will be executed from. This directory will be fully managed by the worker service and will be purged on startup. This directory and the directory referenced in `local_filesystem_store_ref`'s `stores::FilesystemStore::content_path` must be on the same filesystem. Hardlinks will be used when placing files that are accessible to the jobs that are sourced from `local_filesystem_store_ref`'s `content_path`.
`platform_properties`	map of string to WorkerProperty	Yes	—	Properties of this worker. This configuration will be sent to the scheduler and used to tell the scheduler to restrict what should be executed on this worker.
`additional_environment`	map of string to EnvironmentSource	—	—	An optional mapping of environment names to set for the execution as well as those specified in the action itself. If set, will set each key as an environment variable before executing the job with the value of the environment variable being the value of the property of the action being executed of that name or the fixed value.
`directory_cache`	DirectoryCacheConfig	—	—	Optional directory cache configuration for improving performance by caching reconstructed input directories and using hardlinks instead of rebuilding them from CAS for every action.
`use_namespaces`	boolean	—	False	Whether to use namespaces to isolate the execution. This is only available on Linux. It is highly recommended as it avoids a number of issues with zombie processes and also provides additional hermeticity. If explicitly set to true and it is not supported the worker will exit with an error.
`use_mount_namespace`	boolean	—	False	Whether to use a mount namespace to isolate the worker root. This is only available on Linux and when `use_namespaces` is true. It is highly recommended provides additional hermeticity. If explicitly set to true and it is not supported or `use_namespaces` is not set to true the worker will exit with an error.

SimpleSpec

Field	Type	Required	Default	Description
`supported_platform_properties`	map of string to PropertyType	—	—	A list of supported platform properties mapped to how these properties are used when the scheduler looks for worker nodes capable of running the task.
`retain_completed_for_s`	integer (uint32)	—	60 seconds	The amount of time to retain completed actions for in case a `WaitExecution` is called after the action has completed.
`client_action_timeout_s`	integer (uint64)	—	60 seconds	Mark operations as completed with error if no client has updated them within this duration.
`worker_timeout_s`	integer (uint64)	—	5 seconds	Remove workers from pool once the worker has not responded in this amount of time in seconds.
`max_action_executing_timeout_s`	integer (uint64)	—	0 (disabled)	Maximum time (seconds) an action can stay in Executing state without any worker update before being timed out and re-queued. This applies regardless of worker keepalive status, catching cases where a worker is alive (sending keepalives) but stuck on a specific action. Set to 0 to disable (relies only on `worker_timeout_s`).
`max_job_retries`	integer (uint)	—	3	If a job returns an internal error or times out this many times when attempting to run on a worker the scheduler will return the last error to the client. Jobs will be retried and this configuration is to help prevent one rogue job from infinitely retrying and taking up a lot of resources when the task itself is the one causing the server to go into a bad state.
`allocation_strategy`	WorkerAllocationStrategy	—	`"least_recently_used"`	The strategy used to assign workers jobs.
`experimental_backend`	ExperimentalSimpleSchedulerBackend	—	memory	The storage backend to use for the scheduler.
`worker_match_logging_interval_s`	integer (int64)	—	`10`	Every N seconds, do logging of worker matching e.g. "worker busy", "can't find any worker" Defaults to 10s. Can be set to `-1` to disable

SchedulerGrpcSpec

A scheduler that forwards requests to an upstream scheduler. This is useful to use when doing some kind of local action cache or CAS away from the main cluster of workers. In general, it's more efficient to point the build at the main scheduler directly though.

Field	Type	Required	Default	Description
`endpoint`	GrpcEndpoint	Yes	—	The upstream scheduler to forward requests to.
`retry`	Retry	—	—	Retry configuration to use when a network request fails.
`max_concurrent_requests`	integer (uint)	—	unlimited	Limit the number of simultaneous upstream requests to this many. A value of zero is treated as unlimited. If the limit is reached the request is queued.
`connections_per_endpoint`	integer (uint)	—	1	The number of connections to make to each specified endpoint to balance the load over multiple TCP connections.

CacheLookupSpec

Field	Type	Required	Default	Description
`ac_store`	string	Yes	—	The reference to the action cache store used to return cached actions from rather than running them again. To prevent unintended issues, this store should probably be a `CompletenessCheckingSpec`.
`scheduler`	SchedulerSpec	Yes	—	The nested scheduler to use if cache lookup fails.

PropertyModifierSpec

Field	Type	Required	Default	Description
`modifications`	array of PropertyModification	Yes	—	A list of modifications to perform to incoming actions for the nested scheduler. These are performed in order and blindly, so removing a property that doesn't exist is fine and overwriting an existing property is also fine. If adding properties that do not exist in the nested scheduler is not supported and will likely cause unexpected behaviour.
`scheduler`	SchedulerSpec	Yes	—	The nested scheduler to use after modifying the properties.

HistoricalResourceSpec

Field	Type	Required	Default	Description
`hints_file`	string	Yes	—	JSON file containing historical resource hints keyed by Bazel `RequestMetadata` `target_id` and/or `action_mnemonic`.
`refresh_interval_s`	integer (uint64)	—	30 seconds	Reload interval for `hints_file`. Set to 0 to load once.
`cpu_property_name`	string	—	`cpu_count`	Platform property name used for CPU minimum values.
`memory_property_name`	string	—	`memory_kb`	Platform property name used for memory minimum values, expressed in KiB.
`scheduler`	SchedulerSpec	Yes	—	The nested scheduler to use after applying resource hints.

ListenerConfig

Plus exactly one of the following variants (the key selects the variant):

`http`

Listener for HTTP/HTTPS/HTTP2 sockets.

Type: HttpListener

ServicesConfig

Field	Type	Required	Default	Description
`cas`	array of CasServiceConfig	—	—	The Content Addressable Storage (CAS) backend config. The key is the `instance_name` used in the protocol and the value is the underlying CAS store config.
`ac`	array of ActionCacheServiceConfig	—	—	The Action Cache (AC) backend config. The key is the `instance_name` used in the protocol and the value is the underlying AC store config.
`capabilities`	array of CapabilitiesServiceConfig	—	—	Capabilities service is required in order to use most of the bazel protocol. This service is used to provide the supported features and versions of this bazel GRPC service.
`execution`	array of ExecutionServiceConfig	—	—	The remote execution service configuration. NOTE: This service is under development and is currently just a place holder.
`bytestream`	array of ByteStreamServiceConfig	—	—	This is the service used to stream data to and from the CAS. Bazel's protocol strongly encourages users to use this streaming interface to interact with the CAS when the data is large.
`fetch`	array of FetchServiceConfig	—	—	These two are collectively the Remote Asset protocol, but it's defined as two separate services
`push`	array of PushServiceConfig	—	—
`worker_api`	WorkerApiConfig	—	—	This is the service used for workers to connect and communicate through. NOTE: This service should be served on a different, non-public port. In other words, `worker_api` configuration should not have any other services that are served on the same port. Doing so is a security risk, as workers have a different permission set than a client that makes the remote execution/cache requests.
`experimental_bep`	BepConfig	—	—	Experimental - Build Event Protocol (BEP) configuration. This is the service that will consume build events from the client and publish them to a store for processing by an external service.
`admin`	AdminConfig	—	—	This is the service for any administrative tasks. It provides a REST API endpoint for administrative purposes.
`health`	HealthConfig	—	—	This is the service for health status check.

IdentityHeaderSpec

Field	Type	Required	Default	Description
`header_name`	string	—	"x-identity"	The name of the header to look for the identity in.
`required`	boolean	—	`false`	If the header is required to be set or fail the request.

OriginEventsPublisherSpec

Field	Type	Required	Default	Description
`store`	string	Yes	—	The store to publish nativelink events to. The store name referenced in the `stores` map in the main config.

ConfigDigestHashFunction

Value	Description
`"sha256"`	Use the sha256 hash function. https://en.wikipedia.org/wiki/SHA-2
`"blake3"`	Use the blake3 hash function. https://en.wikipedia.org/wiki/BLAKE_(hash_function)

StoreSpec

Plus exactly one of the following variants (the key selects the variant):

`cache_metrics`

Cache metrics store wraps another store and emits low-cardinality OpenTelemetry cache operation metrics for the wrapped store.

This wrapper is opt-in. Stores that are not explicitly wrapped by cache_metrics are constructed exactly as they are without this wrapper and do not pay its hot-path timing or recording cost.

Example JSON5 config:

"cache_metrics": {
  "cache_type": "cas",
  "backend": {
    "filesystem": {
      "content_path": "~/.cache/nativelink/content_path-cas",
      "temp_path": "~/.cache/nativelink/tmp_path-cas"
    }
  }
}

Type: CacheMetricsSpec

`memory`

Memory store will store all data in a hash map in memory.

Example JSON5 config:

"memory": {
  "eviction_policy": {
    "max_bytes": "10mb",
  }
}

Type: MemorySpec

`experimental_cloud_object_store`

Amazon S3: S3 store will use Amazon's S3 service as a backend to store the files. This configuration can be used to share files across multiple instances. Uses system certificates for TLS verification via rustls-platform-verifier.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "aws",
  "region": "eu-north-1",
  "bucket": "crossplane-bucket-af79aeca9",
  "key_prefix": "test-prefix-index/",
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Google Cloud Storage: GCS store uses Google's GCS service as a backend to store the files. This configuration can be used to share files across multiple instances.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "gcs",
  "bucket": "test-bucket",
  "key_prefix": "test-prefix-index/",
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Azure Blob Store: Azure Blob store will use Microsoft's Azure Blob service as a backend to store the files. This configuration can be used to share files across multiple instances.

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "azure",
  "account_name": "cloudshell1393657559",
  "container": "simple-test-container",
  "key_prefix": "folder/",
  "retry": {
      "max_retries": 6,
      "delay": 0.3,
      "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

This store uses AWS environment variables for credentials:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION

Example JSON5 config:

"experimental_cloud_object_store": {
  "provider": "ontap",
  "endpoint": "https://ontap-s3-endpoint:443",
  "vserver_name": "your-vserver",
  "bucket": "your-bucket",
  "root_certificates": "/path/to/certs.pem",  // Optional
  "key_prefix": "test-prefix/",               // Optional
  "retry": {
    "max_retries": 6,
    "delay": 0.3,
    "jitter": 0.5
  },
  "multipart_max_concurrent_uploads": 10
}

Type: ExperimentalCloudObjectSpec

`ontap_s3_existence_cache`

The cache helps reduce latency for repeated calls to check object existence, while still ensuring eventual consistency with the underlying ONTAP S3 store.

Example JSON5 config:

"ontap_s3_existence_cache": {
  "index_path": "/path/to/cache/index.json",
  "sync_interval_seconds": 300,
  "backend": {
    "endpoint": "https://ontap-s3-endpoint:443",
    "vserver_name": "your-vserver",
    "bucket": "your-bucket",
    "key_prefix": "test-prefix/"
  }
}

Type: OntapS3ExistenceCacheSpec

`verify`

The suggested configuration is to have the CAS validate the hash and size and the AC validate nothing.

Example JSON5 config:

"verify": {
  "backend": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "500mb"
      }
    },
  },
  "verify_size": true,
  "verify_hash": true
}

Type: VerifySpec

`completeness_checking`

Completeness checking store verifies if the output files & folders exist in the CAS before forwarding the request to the underlying store. Note: This store should only be used on AC stores.

Example JSON5 config:

"completeness_checking": {
  "backend": {
    "filesystem": {
      "content_path": "~/.cache/nativelink/content_path-ac",
      "temp_path": "~/.cache/nativelink/tmp_path-ac",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  "cas_store": {
    "ref_store": {
      "name": "CAS_MAIN_STORE"
    }
  }
}

Type: CompletenessCheckingSpec

`compression`

Example JSON5 config:

"compression": {
  "compression_algorithm": {
    "lz4": {}
  },
  "backend": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-cas",
      "temp_path": "/tmp/nativelink/data/tmp_path-cas",
      "eviction_policy": {
        "max_bytes": "2gb",
      }
    }
  }
}

Type: CompressionSpec

`dedup`

This store is exceptionally good when the following conditions are met:

Content is mostly the same (inserts, updates, deletes are ok)
Content is not compressed or encrypted
Uploading or downloading from content_store is the bottleneck.

Note: This store pairs well when used with CompressionSpec as the content_store, but never put DedupSpec as the backend of CompressionSpec as it will negate all the gains.

Note: When running .has() on this store, it will only check to see if the entry exists in the index_store and not check if the individual chunks exist in the content_store.

Example JSON5 config:

"dedup": {
  "index_store": {
    "memory": {
      "eviction_policy": {
         "max_bytes": "1GB",
      }
    }
  },
  "content_store": {
    "compression": {
      "compression_algorithm": {
        "lz4": {}
      },
      "backend": {
        "fast_slow": {
          "fast": {
            "memory": {
              "eviction_policy": {
                "max_bytes": "500MB",
              }
            }
          },
          "slow": {
            "filesystem": {
              "content_path": "/tmp/nativelink/data/content_path-content",
              "temp_path": "/tmp/nativelink/data/tmp_path-content",
              "eviction_policy": {
                "max_bytes": "2gb"
              }
            }
          }
        }
      }
    }
  }
}

Type: DedupSpec

`existence_cache`

Example JSON5 config:

"existence_cache": {
  "backend": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  // Note this is the existence store policy, not the backend policy
  "eviction_policy": {
    "max_seconds": 100,
  }
}

Type: ExistenceCacheSpec

`fast_slow`

Example JSON5 config:

"fast_slow": {
  "fast": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-index",
      "temp_path": "/tmp/nativelink/data/tmp_path-index",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  },
  "slow": {
    "filesystem": {
      "content_path": "/tmp/nativelink/data/content_path-index",
      "temp_path": "/tmp/nativelink/data/tmp_path-index",
      "eviction_policy": {
        "max_bytes": "500mb",
      }
    }
  }
}

Type: FastSlowSpec

`shard`

Shards the data to multiple stores. This is useful for cases when you want to distribute the load across multiple stores. The digest hash is used to determine which store to send the data to.

Example JSON5 config:

"shard": {
  "stores": [
   {
    "store": {
      "memory": {
        "eviction_policy": {
            "max_bytes": "10mb"
        },
      },
    },
    "weight": 1
  }]
}

Type: ShardSpec

`filesystem`

Example JSON5 config:

"filesystem": {
  "content_path": "/tmp/nativelink/data-worker-test/content_path-cas",
  "temp_path": "/tmp/nativelink/data-worker-test/tmp_path-cas",
  "eviction_policy": {
    "max_bytes": "10gb",
  }
}

Type: FilesystemSpec

`ref_store`

Example JSON5 config:

"ref_store": {
  "name": "FS_CONTENT_STORE"
}

Type: RefSpec

`size_partitioning`

Example JSON5 config:

"size_partitioning": {
  "size": "128mib",
  "lower_store": {
    "memory": {
      "eviction_policy": {
        "max_bytes": "${NATIVELINK_CAS_MEMORY_CONTENT_LIMIT:-100mb}"
      }
    }
  },
  "upper_store": {
    /// This store discards data larger than 128mib.
    "noop": {}
  }
}

Type: SizePartitioningSpec

`grpc`

This store will pass-through calls to another GRPC store. This store is not designed to be used as a sub-store of another store, but it does satisfy the interface and will likely work.

Example JSON5 config:

"grpc": {
  "instance_name": "main",
  "endpoints": [
    {"address": "grpc://${CAS_ENDPOINT:-127.0.0.1}:50051"}
  ],
  "connections_per_endpoint": "5",
  "rpc_timeout_s": "5m",
  "store_type": "ac",
  // Static headers attached to every outgoing request to the upstream
  // remote cache. Useful for fixed service-account credentials.
  "headers": {
    "authorization": "Bearer my-static-token"
  },
  // Header names to copy from the inbound client request and forward to
  // the upstream remote cache. Use this to pass through dynamic
  // credentials such as a JWT sent by the build client.
  "forward_headers": ["authorization", "x-custom-token"]
}

Type: GrpcSpec

`redis_store`

Stores data in any stores compatible with Redis APIs.

Pairs well with SizePartitioning and/or FastSlow stores. Ideal for accepting small object sizes as most Redis store services have a max file upload of between 256Mb-512Mb.

Example JSON5 config:

"redis_store": {
  "addresses": [
    "redis://127.0.0.1:6379/",
  ],
  "max_client_permits": 1000,
}

Type: RedisSpec

`noop`

Example JSON5 config:

"noop": {}

Type: NoopSpec

`experimental_mongo`

Experimental MongoDB store implementation.

This store uses MongoDB as a backend for storing data. It supports both CAS (Content Addressable Storage) and scheduler data with optional change streams for real-time updates.

Example JSON5 config:

"experimental_mongo": {
    "connection_string": "mongodb://localhost:27017",
    "database": "nativelink",
    "cas_collection": "cas",
    "key_prefix": "cas:",
    "read_chunk_size": 65536,
    "max_concurrent_uploads": 10,
    "enable_change_streams": false,
    "max_requests": "100"
}

Type: ExperimentalMongoSpec

EvictionPolicy

Eviction policy always works on LRU (Least Recently Used). Any time an entry is touched it updates the timestamp. Inserts and updates will execute the eviction policy removing any expired entries and/or the oldest entries until the store size becomes smaller than max_bytes.

Field	Type	Required	Description
`max_bytes`	integer (uint)	—	Maximum number of bytes before eviction takes place. Zero means never evict based on size.
`evict_bytes`	integer (uint)	—	When eviction starts based on hitting `max_bytes`, continue until `max_bytes - evict_bytes` is met to create a low watermark. This stops operations from thrashing when the store is close to the limit.
`max_seconds`	integer (uint32)	—	Maximum number of seconds for an entry to live since it was last accessed before it is evicted. Zero means never evict based on time.
`max_count`	integer (uint64)	—	Maximum size of the store before an eviction takes place. Zero means never evict based on count.

Retry

Retry configuration. This configuration is exponential and each iteration a jitter as a percentage is applied of the calculated delay. For example:

Retry{
  max_retries: 7,
  delay: 0.1,
  jitter: 0.5,
}

will result in:

Attempt	Delay
1	0 ms
2	75 to 125 ms
3	150 to 250 ms
4	300 to 500 ms
5	600 ms to 1 s
6	1.2 to 2 s
7	2.4 to 4 s
8	4.8 to 8 s

The total delay is additive, so this example produces 9.525 to 15.875 s of total delay for a single request.

Field	Type	Required	Default	Description
`max_retries`	integer (uint)	—	`0`	Maximum number of retries until retrying stops. Setting this to zero will always attempt 1 time, but not retry.
`delay`	number (float)	—	`0`	Delay in seconds for exponential back off.
`jitter`	number (float)	—	`0`	Amount of jitter to add as a percentage in decimal form. This will change the formula like:
`retry_on_errors`	array of ErrorCode	—	—	A list of error codes to retry on, if this is not set then the default error codes to retry on are used. These default codes are the most likely to be non-permanent: `Unknown`; `Cancelled`; `DeadlineExceeded`; `ResourceExhausted`; `Aborted`; `Internal`; `Unavailable`; `DataLoss`

ExperimentalOntapS3Spec

Field	Type	Required	Default	Description
`endpoint`	string	Yes	—
`vserver_name`	string	Yes	—
`bucket`	string	Yes	—
`root_certificates`	string	—	—
`key_prefix`	string	—	—	If you wish to prefix the location in the bucket. If None, no prefix will be used.
`retry`	Retry	—	—	Retry configuration to use when a network request fails.
`consider_expired_after_s`	integer (uint32)	—	0	If the number of seconds since the `last_modified` time of the object is greater than this value, the object will not be considered "existing". This allows for external tools to delete objects that have not been uploaded in a long time. If a client receives a `NotFound` the client should re-upload the object.
`max_retry_buffer_per_request`	integer (uint)	—	5MB	The maximum buffer size to retain in case of a retryable error during upload. Setting this to zero will disable upload buffering; this means that in the event of a failure during upload, the entire upload will be aborted and the client will likely receive an error.
`multipart_max_concurrent_uploads`	integer (uint)	—	10	Maximum number of concurrent `UploadPart` requests per `MultipartUpload`.
`insecure_allow_http`	boolean	—	false	Allow unencrypted HTTP connections. Only use this for local testing.
`disable_http2`	boolean	—	false	Disable HTTP/2 connections and only use HTTP/1.1. Default client configuration will have HTTP/1.1 and HTTP/2 enabled for connection schemes. HTTP/2 should be disabled if environments have poor support or performance related to HTTP/2. Safe to keep default unless underlying network environment, S3, or GCS API servers specify otherwise.

CompressionAlgorithm

Plus exactly one of the following variants (the key selects the variant):

`lz4`

LZ4 compression algorithm is extremely fast for compression and decompression, however does not perform very well in compression ratio. In most cases build artifacts are highly compressible, however lz4 is quite good at aborting early if the data is not deemed very compressible.

see: https://lz4.github.io/lz4/

Type: Lz4Config

StoreDirection

Value	Description
`"both"`	The store operates normally and all get and put operations are handled by it.
`"update"`	Update operations will cause persistence to this store, but Get operations will be ignored. This only makes sense on the fast store as the slow store will never get written to on Get anyway.
`"get"`	Get operations will cause persistence to this store, but Update operations will be ignored.
`"read_only"`	Operate as a read only store, only really makes sense if there's another way to write to it.

ShardConfig

Configuration for an individual shard of the store.

Field	Type	Required	Default	Description
`store`	StoreSpec	Yes	—	Store to shard the data to.
`weight`	integer (uint32)	—	1	The weight of the store. This is used to determine how much data should be sent to the store. The actual percentage is the sum of all the store's weights divided by the individual store's weight.

GrpcEndpoint

Field	Type	Required	Default	Description
`address`	string	Yes	—	The endpoint address (i.e. grpc://example.com:443 or grpcs://example.com:443).
`tls_config`	ClientTlsConfig	—	—	The TLS configuration to use to connect to the endpoint (if grpcs).
`concurrency_limit`	integer (uint)	—	—	The maximum concurrency to allow on this endpoint.
`connect_timeout_s`	integer (uint64)	—	30 seconds	Timeout for establishing a TCP connection to the endpoint (seconds).
`tcp_keepalive_s`	integer (uint64)	—	30 seconds	TCP keepalive interval (seconds). Sends TCP keepalive probes at this interval to detect dead connections at the OS level.
`http2_keepalive_interval_s`	integer (uint64)	—	30 seconds	HTTP/2 keepalive interval (seconds). Sends HTTP/2 PING frames at this interval to detect dead connections at the application level.
`http2_keepalive_timeout_s`	integer (uint64)	—	20 seconds	HTTP/2 keepalive timeout (seconds). If a PING response is not received within this duration, the connection is considered dead.

StoreType

Value	Description
`"cas"`	The store is content addressable storage.
`"ac"`	The store is an action cache.

RedisMode

Value	Description
`"cluster"`	Use Redis Cluster.
`"sentinel"`	Use Redis Sentinel.
`"standard"`	Use a standalone Redis server.

EndpointConfig

Generic config for an endpoint and associated configs.

Field	Type	Required	Default	Description
`uri`	string	Yes	—	URI of the endpoint.
`timeout`	number (float)	—	5 seconds	Timeout in seconds that a request should take.
`tls_config`	ClientTlsConfig	—	—	The TLS configuration to use to connect to the endpoint.

UploadActionResultConfig

Field	Type	Required	Default	Description
`ac_store`	string	—	{No uploading is done}	Underlying AC store that the worker will use to publish execution results into. Objects placed in this store should be reachable from the scheduler/client-cas after they have finished updating.
`upload_ac_results_strategy`	UploadCacheResultsStrategy	—	`SuccessOnly`	In which situations should the results be published to the `ac_store`, if set to `SuccessOnly` then only results with an exit code of 0 will be uploaded, if set to Everything all completed results will be uploaded.
`historical_results_store`	string	—	{CAS store of parent}	Store to upload historical results to. This should be a CAS store if set.
`upload_historical_results_strategy`	UploadCacheResultsStrategy	—	`FailuresOnly`	In which situations should the results be published to the historical CAS. The historical CAS is where failures are published. These messages conform to the CAS key-value lookup format and are always a `HistoricalExecuteResponse` serialized message.
`success_message_template`	string	—	"" (no message)	Template to use for the `ExecuteResponse.message` property. This message is attached to the response before it is sent to the client. The following special variables are supported:; `digest_function`: Digest function used to calculate the action digest: `action_digest_hash`: Action digest hash: `action_digest_size`: Action digest size: `historical_results_hash`: `HistoricalExecuteResponse` digest hash: `historical_results_size`: `HistoricalExecuteResponse` digest size.
`failure_message_template`	string	—	"" (no message)	Same as `success_message_template` but for failure case.

WorkerProperty

Plus exactly one of the following variants (the key selects the variant):

`values`

List of static values. Note: Generally there should only ever be 1 value, but if the platform property key is PropertyType::Priority it may have more than one value.

Type: array of string

`query_cmd`

A dynamic configuration. The string will be executed as a command (not shell) and will be split by "\n" (new line character).

Type: string

EnvironmentSource

One of:

property: string — The name of the platform property in the action to get the value from.
value: string — The raw value to set.
"from_environment" — Take the value from the local environment corresponding to the name key
"timeout_millis" — The max amount of time in milliseconds the command is allowed to run (requested by the client).
"side_channel_file" — A special file path will be provided that can be used to communicate with the parent process about out-of-band information. This file will be read after the command has finished executing. Based on the contents of the file, the behavior of the result may be modified.
"action_directory" — A "root" directory for the action. This directory can be used to store temporary files that are not needed after the action has completed. This directory will be purged after the action has completed.

DirectoryCacheConfig

Field	Type	Required	Default	Description
`max_entries`	integer (uint)	—	1000	Maximum number of cached directories.
`max_size_bytes`	integer (uint64)	—	10737418240 (10 GB)	Maximum total size in bytes for all cached directories (0 = unlimited).
`cache_root`	string	—	`{work_directory}/../directory_cache`	Base directory for cache storage. This directory will be managed by the worker and should be on the same filesystem as `work_directory`.

PropertyType

When the scheduler matches tasks to workers that are capable of running the task, this value will be used to determine how the property is treated.

One of:

string
"minimum" — Requires the platform property to be a u64 and when the scheduler looks for appropriate worker nodes that are capable of executing the task, the task will not run on a node that has less than this value.
"exact" — Requires the platform property to be a string and when the scheduler looks for appropriate worker nodes that are capable of executing the task, the task will not run on a node that does not have this property set to the value with exact string match.
"priority" — Does not restrict on this value and instead will be passed to the worker as an informational piece. In the future this will be used by the scheduler and worker to cause the scheduler to prefer certain workers over others, but not restrict them based on these values.

WorkerAllocationStrategy

When a worker is being searched for to run a job, this will be used on how to choose which worker should run the job when multiple workers are able to run the task.

Value	Description
`"least_recently_used"`	Prefer workers that have been least recently used to run a job.
`"most_recently_used"`	Prefer workers that have been most recently used to run a job.

ExperimentalSimpleSchedulerBackend

One of:

"memory" — Use an in-memory store for the scheduler.
redis: ExperimentalRedisSchedulerBackend — Use a Redis store for the scheduler.

SchedulerSpec

Plus exactly one of the following variants (the key selects the variant):

`simple`

Type: SimpleSpec

`grpc`

Type: SchedulerGrpcSpec

`cache_lookup`

Type: CacheLookupSpec

`property_modifier`

Type: PropertyModifierSpec

`historical_resource`

Type: HistoricalResourceSpec

PropertyModification

Plus exactly one of the following variants (the key selects the variant):

`add`

Add a property to the action properties.

Type: PlatformPropertyAddition

`remove`

Remove a named property from the action.

Type: string

`replace`

If a property is found, then replace it with another one.

Type: PlatformPropertyReplacement

HttpListener

Field	Type	Required	Default	Description
`socket_address`	string	Yes	—	Address to listen on. Example: `127.0.0.1:8080` or `:8080` to listen to all IPs.
`freebind`	boolean	—	false	Allow binding `socket_address` before it is assigned locally.
`compression`	HttpCompressionConfig	—	—	Data transport compression configuration to use for this service.
`advanced_http`	HttpServerConfig	—	—	Advanced HTTP server configuration.
`max_decoding_message_size`	integer (uint)	—	4 MiB	Maximum number of bytes to decode on each grpc stream chunk.
`tls`	TlsConfig	—	—	TLS configuration for this server. If not set, the server will not use TLS.

CasServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`cas_store`	string	Yes	—	The store name referenced in the `stores` map in the main config. This store name referenced here may be reused multiple times.

ActionCacheServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`ac_store`	string	Yes	—	The store name referenced in the `stores` map in the main config. This store name referenced here may be reused multiple times.
`read_only`	boolean	—	`false`	Whether the Action Cache store may be written to, this if set to false it is only possible to read from the Action Cache.

CapabilitiesServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`remote_execution`	CapabilitiesRemoteExecutionConfig	—	—	Configuration for remote execution capabilities. If not set the capabilities service will inform the client that remote execution is not supported.

ExecutionServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`cas_store`	string	Yes	—	The store name referenced in the `stores` map in the main config. This store name referenced here may be reused multiple times. This value must be a CAS store reference.
`scheduler`	string	Yes	—	The scheduler name referenced in the `schedulers` map in the main config.

ByteStreamServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`cas_store`	string	Yes	—	Name of the store in the "stores" configuration.
`max_bytes_per_stream`	integer (uint)	—	64KiB	Max number of bytes to send on each grpc stream chunk. According to https://github.com/grpc/grpc.github.io/issues/371 16KiB - 64KiB is optimal.
`persist_stream_on_disconnect_timeout`	integer (uint)	—	10 seconds	In the event a client disconnects while uploading a blob, we will hold the internal stream open for this many seconds before closing it. This allows clients that disconnect to reconnect and continue uploading the same blob.

FetchServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`fetch_store`	string	Yes	—	The store name referenced in the `stores` map in the main config. This store name referenced here may be reused multiple times.

PushServiceConfig

Field	Type	Required	Default	Description
`instance_name`	string	—	`""`	Used when the config references `instance_name` in the protocol.
`push_store`	string	Yes	—	The store name referenced in the `stores` map in the main config. This store name referenced here may be reused multiple times.
`read_only`	boolean	—	`false`	Whether the Action Cache store may be written to, this if set to false it is only possible to read from the Action Cache.

WorkerApiConfig

Field	Type	Required	Default	Description
`scheduler`	string	Yes	—	The scheduler name referenced in the `schedulers` map in the main config.

BepConfig

Field	Type	Required	Default	Description
`store`	string	Yes	—	The store to publish build events to. The store name referenced in the `stores` map in the main config.

AdminConfig

Field	Type	Required	Default	Description
`path`	string	—	"/admin"	Path to register the admin API. If path is "/admin", and your domain is "example.com", you can reach the endpoint with: http://example.com/admin.

HealthConfig

Field	Type	Required	Default	Description
`path`	string	—	"/status"	Path to register the health status check. If path is "/status", and your domain is "example.com", you can reach the endpoint with: http://example.com/status.
`timeout_seconds`	integer (uint64)	—	5s	Timeout on health checks.

ErrorCode

The possible error codes that might occur on an upstream request.

Value	Description
`"Cancelled"`
`"Unknown"`
`"InvalidArgument"`
`"DeadlineExceeded"`
`"NotFound"`
`"AlreadyExists"`
`"PermissionDenied"`
`"ResourceExhausted"`
`"FailedPrecondition"`
`"Aborted"`
`"OutOfRange"`
`"Unimplemented"`
`"Internal"`
`"Unavailable"`
`"DataLoss"`
`"Unauthenticated"`

Lz4Config

Field	Type	Required	Default	Description
`block_size`	integer (uint32)	—	65536 (64k)	Size of the blocks to compress. Higher values require more ram, but might yield slightly better compression ratios.
`max_decode_block_size`	integer (uint32)	—	value in `block_size`	Maximum size allowed to attempt to deserialize data into. This is needed because the `block_size` is embedded into the data so if there was a bad actor, they could upload an extremely large `block_size`'ed entry and we'd allocate a large amount of memory when retrieving the data. To prevent this from happening, we allow you to specify the maximum that we'll attempt to deserialize.

ClientTlsConfig

Field	Type	Required	Default	Description
`ca_file`	string	—	—	Path to the certificate authority to use to validate the remote.
`cert_file`	string	—	—	Path to the certificate file for client authentication.
`key_file`	string	—	—	Path to the private key file for client authentication.
`use_native_roots`	boolean	—	false	If set the client will use the native roots for TLS connections.

UploadCacheResultsStrategy

Value	Description
`"success_only"`	Only upload action results with an exit code of 0.
`"never"`	Don't upload any action results.
`"everything"`	Upload all action results that complete.
`"failures_only"`	Only upload action results that fail.

ExperimentalRedisSchedulerBackend

Field	Type	Required	Default	Description
`redis_store`	string	Yes	—	A reference to the Redis store to use for the scheduler. Note: This MUST resolve to a `RedisSpec`.

PlatformPropertyAddition

Field	Type	Required	Default	Description
`name`	string	Yes	—	The name of the property to add.
`value`	string	Yes	—	The value to assign to the property.

PlatformPropertyReplacement

Field	Type	Required	Default	Description
`name`	string	Yes	—	The name of the property to replace.
`value`	string	—	—	The value to match against, if unset then any instance matches.
`new_name`	string	Yes	—	The new name of the property.
`new_value`	string	—	—	The value to assign to the property, if unset will remain the same.

HttpCompressionConfig

Note: Compressing data in the cloud rarely has a benefit, since most cloud providers have very high bandwidth backplanes. However, for clients not inside the data center, it might be a good idea to compress data to and from the cloud. This will however come at a high CPU and performance cost. If you are making remote execution share the same CAS/AC servers as client's remote cache, you can create multiple services with different compression settings that are served on different ports. Then configure the non-cloud clients to use one port and cloud-clients to use another.

Field	Type	Required	Default	Description
`send_compression_algorithm`	HttpCompressionAlgorithm	—	`HttpCompressionAlgorithm::None`	The compression algorithm that the server will use when sending responses to clients. Enabling this will likely save a lot of data transfer, but will consume a lot of CPU and add a lot of latency. see: https://github.com/tracemachina/nativelink/issues/109
`accepted_compression_algorithms`	array of HttpCompressionAlgorithm	Yes	{no supported compression}	The compression algorithm that the server will accept from clients. The server will broadcast the supported compression algorithms to clients and the client will choose which compression algorithm to use. Enabling this will likely save a lot of data transfer, but will consume a lot of CPU and add a lot of latency. see: https://github.com/tracemachina/nativelink/issues/109

HttpServerConfig

Advanced HTTP configuration. These generally should not be set. For documentation on these settings, see the hyper documentation: See: hyper HTTP server docs

Note: All of these default to the default values from hyper unless otherwise specified.

Field	Type	Required	Default	Description
`http2_keep_alive_interval`	integer (uint32)	—	—	Interval to send keep-alive pings via HTTP2. Note: This is in seconds.
`experimental_http2_max_pending_accept_reset_streams`	integer (uint32)	—	—
`experimental_http2_initial_stream_window_size`	integer (uint32)	—	—
`experimental_http2_initial_connection_window_size`	integer (uint32)	—	—
`experimental_http2_adaptive_window`	boolean	—	—
`experimental_http2_max_frame_size`	integer (uint32)	—	—
`experimental_http2_max_concurrent_streams`	integer (uint32)	—	—
`experimental_http2_keep_alive_timeout`	integer (uint32)	—	—	Note: This is in seconds.
`experimental_http2_max_send_buf_size`	integer (uint32)	—	—
`experimental_http2_enable_connect_protocol`	boolean	—	—
`experimental_http2_max_header_list_size`	integer (uint32)	—	—

TlsConfig

Field	Type	Required	Default	Description
`cert_file`	string	Yes	—	Path to the certificate file.
`key_file`	string	Yes	—	Path to the private key file.
`client_ca_file`	string	—	—	Path to the certificate authority for mTLS, if client authentication is required for this endpoint.
`client_crl_file`	string	—	—	Path to the certificate revocation list for mTLS, if client authentication is required for this endpoint.

CapabilitiesRemoteExecutionConfig

Field	Type	Required	Default	Description
`scheduler`	string	Yes	—	Scheduler used to configure the capabilities of remote execution.

HttpCompressionAlgorithm

Value	Description
`"none"`	No compression.
`"gzip"`	Zlib compression.

Reading the source

If anything here disagrees with the binary, the source wins: