Environment configuration

Introduction

The environment configuration is the place to do the initial configuration of your run time. To be able to deploy projects you need to create at least one k5-project. This k5-project needs at least 3 service bindings to work and these three bindings can be created on the environment level.

Usually, you will only have to configure the environment settings once, but you could change them if needed. Any settings made at this level will only apply to new k5-projects.

Create service bindings

The most important function of the Environment Configuration is to provide the cluster-wide default settings which are necessary to create k5-projects.

You can do the settings via a REST API called Configuration Management API ( see API documentation). This API provides a Swagger UI for ease-of-use, but you can use the tool of your choice for calling APIs (e.g. cURL, Postman).

Tip: As long as not configured otherwise, the default URL where you can find the Configuration Management Swagger UI is built like this:
<https://ssob-config>.<domain>

The exact URL can be found within the route named k5-configuration-management. It can be easily retrieved by executing

oc get route k5-configuration-management -n <namespace>

, whereby <namespace> points to the namespace, where the Solution Designer and Hub are installed (e.g. zen).

Authentication

This service binding sets up the connection to your IAM provider that is used for authentication of a deployed project. The following parameters have to be provided:

Form FieldDescription
NameSpecify a unique name for this binding.
Client IdThe client ID of a registered OAuth client
Client SecretThe secret value which is bound to the referenced OAuth client.
IssuerThe issuer which has issued the JWT.
JWK URIThe URL of the JSON Web Key (JWK) set.
User Authorization URIThe URL of the OAuth authorization endpoint.
Token URIThe URL of the OAuth token endpoint.

Database

Form FieldDescription
NameSpecify a unique name for this binding.
Database URIThe MongoDB connection string

Example:

mongodb://username:password@mongodb.domain.svc.cluster.local:27017/admin?ssl=false

Messaging

Form FieldDescription
bindingNameSpecify a unique name for this binding.
kafka_brokers_saslThe URL(s) of the bootstrap broker(s).
userThe provided Kafka user must have the permission to read and create topics.
passwordEnter the password for the specified message hub user.
saslMechanismSelect the SASL mechanism to use with the message hub.
saslJaasConfigLoginModuleQualifiedNameThe SASL JAAS Config Login Module used for the SASL mechanism.

Example:

{
  "kafka_brokers_sasl": [
    "kafka-bootstrap-broker.your.domain:9093"
  ],
  "user": "username",
  "password": "password123",
  "saslJaasConfigLoginModuleQualifiedName": "org.apache.kafka.common.security.scram.ScramLoginModule",
  "saslMechanism": "SCRAM-SHA-512",
  "kafka_custom_config": [
    {
      "key": "some-custom-key",
      "value": "some-custom-value"
    }
  ]
}