License engine setup guide
Introductionโ
The License Engine is a service that can be set up using a Docker image. This guide will walk you through the process of setting up the License service and configuring it to meet your needs.
Infrastructure prerequisitesโ
- DB instance
- Kafka - version 2.8 or higher
- FLOWX Designer
Dependenciesโ
It has the following dependencies:
Postgres database - the License Engine uses a Postgres database to store license-related data. The database should be set up with basic configuration properties specified in the helm values.yaml file, these properties include the name of the database, username and password, and resources such as CPU and memory limits
Connection to the same Kafka instance as the engine - the License Engine needs to be able to communicate with the FLOWX Engine using Kafka; the Kafka instance used by the engine should be the same one used by the License Engine
Routing of requests through NGINX - requests made to the License Engine should be routed through the FLOWX Designer using NGINX, the configuration for the Designer should be updated to also expose the REST API of the License Engine by adding a path in
flowx-admin-plugins-subpaths
Configurationโ
The service comes with most of the needed configuration properties filled in, but there are a few that need to be set up using some custom environment variables.
Configuring Postgres databaseโ
The basic Postgres configuration is specified in the helm values.yaml file. This file includes properties such as the name of the database, username and password, and resources such as CPU and memory limits.
licencedb:
existingSecret: {{secretName}}
metrics:
enabled: true
service:
annotations:
prometheus.io/port: {{prometheus port}}
prometheus.io/scrape: "true"
type: ClusterIP
serviceMonitor:
additionalLabels:
release: prometheus-operator
enabled: true
interval: 30s
scrapeTimeout: 10s
persistence:
enabled: true
size: 1Gi
postgresqlDatabase: license-coredb
postgresqlExtendedConf:
maxConnections: 200
sharedBuffers: 128MB
postgresqlUsername: postgres
resources:
limits:
cpu: 6000m
memory: 2048Mi
requests:
cpu: 200m
memory: 512Mi
Configuring authorization & access rolesโ
The following variables need to be set in order to connect to the identity management platform:
SECURITY_OAUTH2_BASE_SERVER_URL
SECURITY_OAUTH2_CLIENT_CLIENT_ID
SECURITY_OAUTH2_REALM
Configuring License datasourceโ
The License Engine uses a Postgres/Oracle database to store license-related data. The following environment variables need to be set in order to connect to the database:
SPRING_DATASOURCE_JDBCURL
SPRING_DATASOURCE_USERNAME
SPRING_DATASOURCE_PASSWORD
Configuring Engine datasourceโ
The License service needs to retrieve the data for a process instance from the engine database. So it needs to have all the correct information to connect to the engine database.
The following configuration details need to be added in configuration files or overwritten using environment variables:
ENGINE_DATASOURCE_JDBCURL
ENGINE_DATASOURCE_USERNAME
ENGINE_DATASOURCE_PASSWORD
Configuring Kafkaโ
Kafka handles all communication between the License Engine and the FLOWX Engine. Both a producer and a consumer must be configured. The following environment variables need to be set:
SPRING_KAFKA_BOOTSTRAP_SERVERS
- address of the Kafka serverSPRING_KAFKA_CONSUMER_GROUP_ID
- group of consumersKAFKA_CONSUMER_THREADS
- the number of Kafka consumer threadsKAFKA_AUTH_EXCEPTION_RETRY_INTERVAL
- the interval between retries afterAuthorizationException
is thrown byKafkaConsumer
The configured license topic KAFKA_TOPIC
_LICENSE_IN
should be the same as the KAFKA_TOPIC_LICENSE_OUT
from the engine
Configuring loggingโ
The following environment variables could be set in order to control log levels:
LOGGING_LEVEL_ROOT
- root spring boot microservice logs
LOGGING_LEVEL_APP
- app level logs
Configuring NGINXโ
The configuration for the Flowx Designer should be updated to also expose the REST API of the license engine by adding a path in flowx-admin-plugins-subpaths
- path: /license(/|$)(.*)
backend:
serviceName: license-core
servicePort: 80