Environment configuration

Introduction

The environment configuration is the place to do the initial configuration of your run time. To be able to deploy projects you need to create at least one k5-project. This k5-project needs at least 2 service bindings to work and these two bindings can be created on the environment level.

Usually, you will only have to configure the environment settings once, but you could change them if needed. Any settings made at this level will only apply to new k5-projects.

The 2 service bindings can be created in 2 ways:

Create service bindings directly in Openshift

The most important function of the Environment Configuration is to provide the cluster-wide default settings which are necessary to create k5-projects.

You can do the settings directly in OpenShift.

In the following configurations, the namespace k5-tools points to the namespace, where IBM Industry Solutions Workbench is installed.

Database

This configuration is required to define the connection to database that is used for the deployed services.

Configuration description in json format:

Form FieldDescription
NameSpecify a unique name for this binding.
uriThe MongoDB connection string

Apply Configuration:

kind: Secret
apiVersion: v1
metadata:
  name: k5-default-document-storage-service-binding
  namespace: <k5-tools>
stringData:
  binding: '{"uri":"mongodb://mongoUser:mongoPassword@mongodb.namespace.svc.cluster.local:27017/admin?ssl=true"}'

Or:

kind: Secret
apiVersion: v1
metadata:
  name: k5-default-document-storage-service-binding
  namespace: <k5-tools>
stringData:
  binding: '{"uri":"mongodb://mongoUser:mongoPassword@portal-ssl1234.yp-89c7662a-e651.composedb.com:17647,portal-ssl5678.yp-89c7662a-e651.composedb.com:17647/compose?authSource=admin&ssl=true"}'

Messaging

This configuration is required to define the connection to kafka (Red Hat Integration - AMQ Streams) that is used for the deployed services.

Configuration description in json format:

Form FieldDescription
kafka_brokers_saslThe URL(s) of the bootstrap broker(s).
userThe provided Kafka user must have the permission to read and create topics.
passwordEnter the password for the specified message hub user.
saslMechanismSelect the SASL mechanism to use with the message hub.
saslJaasConfigLoginModuleQualifiedNameThe SASL JAAS Config Login Module used for the SASL mechanism.

Apply Configuration:

kind: Secret
apiVersion: v1
metadata:
  name: k5-default-message-service-binding
  namespace: <k5-tools>
stringData:
  binding: '{"kafka_brokers_sasl":["kafka-kafka-bootstrap.namespace.svc:9093"],"user":"kafka-user","password":"kafka-password","saslJaasConfigLoginModuleQualifiedName":"org.apache.kafka.common.security.scram.ScramLoginModule","saslMechanism":"SCRAM-SHA-512"}'

Create service bindings via Configuration Management REST API

Optionally you can do the settings via a REST API called Configuration Management API as well ( see API documentation). This API provides a Swagger UI for ease-of-use, but you can use the tool of your choice for calling APIs (e.g. cURL, Postman).

Attention: If you have created the service bindings already directly in Openshift, you can ignore this section.
Tip: As long as not configured otherwise, the default URL where you can find the Configuration Management Swagger UI is built like this:
https://k5-configuration-<namespace>.apps.openshift-cluster.mydomain.cloud

The exact URL can be found within the route named k5-configuration-management. It can be easily retrieved by executing

oc get route k5-configuration-management -n <namespace>

whereby <namespace> points to the namespace, where IBM Industry Solutions Workbench is installed (e.g. k5-tools)..

Database

Form FieldDescription
NameSpecify a unique name for this binding.
Database URIThe MongoDB connection string

Example:

mongodb://username:password@mongodb.domain.svc.cluster.local:27017/admin?ssl=false

Messaging

Form FieldDescription
bindingNameSpecify a unique name for this binding.
kafka_brokers_saslThe URL(s) of the bootstrap broker(s).
userThe provided Kafka user must have the permission to read and create topics.
passwordEnter the password for the specified message hub user.
saslMechanismSelect the SASL mechanism to use with the message hub.
saslJaasConfigLoginModuleQualifiedNameThe SASL JAAS Config Login Module used for the SASL mechanism.

Example:

{
  "kafka_brokers_sasl": [
    "kafka-bootstrap-broker.your.domain:9093"
  ],
  "user": "username",
  "password": "password123",
  "saslJaasConfigLoginModuleQualifiedName": "org.apache.kafka.common.security.scram.ScramLoginModule",
  "saslMechanism": "SCRAM-SHA-512",
  "kafka_custom_config": [
    {
      "key": "some-custom-key",
      "value": "some-custom-value"
    }
  ]
}