Overview

Endpoint Configuration Repository (ECR) is a Kaa service that maintains endpoint (EP) configuration data. An endpoint configuration is a JSON document of arbitrary structure. An endpoint may have one configuration defined per each application version. There is also a default configuration per each application version that is applied when the endpoint does not have a specific configuration for that application version.

ECR assigns a unique ID to every configuration document. It remembers the ID of the last configuration delivered to every EP. Based on these IDs, ECR determines whether there is an outstanding configuration update pending delivery to an EP.

ECR provides interfaces for managing and retrieving endpoint configurations and managing default configurations per application version. Data stored in ECR can be retrieved for display by UI services, delivered to endpoints, etc. Once there is an update to an endpoint’s configuration data, ECR sends a broadcast event that other services may subscribe to.

ECR listens to EP lifecycle events to push configuration data when an endpoint registers or upgrades to a new application version, or to clean up the EP configurations when that endpoint is deleted.

For data persistence, ECR uses MongoDB.

Interfaces

ECR supports a number of interfaces to perform its functional role. The key supported interfaces are summarized in the following diagram.

ECR interfaces diagram

For inter-service communication, Kaa services mainly use REST APIs and messaging protocols that run over NATS messaging system.

EP configuration management

EPR provides REST APIs that can be used by other services to manage EP configuration data:

  • Endpoint Configuration API allows managing endpoint-specific configurations.
  • Default Configuration API allows managing default configuration data for endpoints based on their application versions.

The above APIs can be used, for example, by services like Web Dashboard to manage EP configurations using visual interfaces.

EP configuration data transport

EP configuration data transport interface is based on the Configuration Data Transport Protocol (6/CDTP) that runs on top of NATS. This interface is used for notifying other services about the updates to the endpoint configurations and for retrieving new EP configuration data from ECR. Responding to requests over this interface, ECR uses default configuration for an application version if there is no specific configuration for the endpoint in question.

Services that deliver configuration data to endpoints may use this interface to notify ECR about the delivered configurations.

EP lifecycle events

ECR listens to EP lifecycle events broadcast by other services over NATS. When an EP registers or updates its application version, ECR checks whether a new configuration should be delivered to it, and broadcasts a corresponding event over 6/CDTP. After ECR receives a message about a removed endpoint, it cleans up the corresponding configuration data.

Tekton integration

ECR is integrated with the Kaa Tekton for centralized application configuration management. It receives configuration update messages from Tekton over 17/SCMP and uses Tekton REST API to retrieve current configs.

See configuration for more information.

Kaa Tenant Manager integration

ECR supports multi-tenancy with each tenant using a separate OAuth 2.0 issuer for authentication, authorization, and resource management. The list of the existing tenants is managed by [the Kaa Tenant Manager][Tenant Manager], which provides REST API for retrieving tenant security configs.

See the security configuration for more details on how to enable multi-tenancy in ECR.