Configuration
The CMX loads configuration data from a file (typically backed by a Kubernetes config map). If the service is unable to retrieve the configuration data, it will not start. Refer to the configuration for details.
Service configuration structure
The recommended configuration format is YAML. The below sections describe the officially supported configuration options that influence various aspects of the service functionality. The service may support options other than the ones listed below, but those are not a part of the public API and may be changed or deleted at any time.
Kaa applications
Many Kaa services can be configured for different behavior depending on the application version of the endpoint the processed data relates to.
This is called appversion-specific behavior and is handled in service configurations under kaa.applications
.
Alternatively, the application-specific configuration can be sourced from Kaa Tekton.
See the Tekton configuration section to find out how to configure such integration.
Despite CMX currently does not support any appversion-specific configurations, it uses the application and appversion names to validate the API calls and protocols data.
kaa:
applications:
<application 1 name>: # Kaa application name
versions:
<application 1 version 1 name>: # Kaa application version name
Tekton
CMX supports integration with Kaa Tekton for centralized application configuration management. The below configuration options set up the integration interface.
kaa:
tekton:
enabled: <boolean> # Enables Tekton integration. False by default. Also can be set with the KAA_TEKTON_ENABLED environment variable.
url: <string> # URL of the Tekton service. "http://tekton" by default. Also can be set with the KAA_TEKTON_URL environment variable.
scmp.consumer:
provider.service-instance.name: <string> # Service instance name of the Tekton service. "tekton" by default. Also can be set with the KAA_SCMP_CONSUMER_PROVIDER_SERVICE_INSTANCE_NAME environment variable.
Configuration data provider interface
kaa:
cmx:
configuration-data-provider:
service-instance:
name: <string> # Name of the endpoint configuration data provider instance
Communication service interface
kaa:
cmx:
communication-service:
service-instance:
name: <string> # Name of the communication service to use
Endpoint state persistence
kaa:
cmx:
endpoint-state-persistence:
ttl: <int> # Time to live for endpoint connectivity status (in seconds)
NATS
The below parameters configure CMX’s connection to NATS. Note that for security reasons NATS username and password are sourced from the environment variables.
nats:
urls: <comma separated list of URL> # NATS connection URLs
Management
CMX monitoring and management implementation is based on the Spring Boot Actuator. Refer to the corresponding documentation for the list of supported configuration options.
Authentication
CMX use auth-kaa-client-starter for making authenticated REST API calls to other services. Authentication is implemented according to OAuth2 protocol.
security:
oauth2:
client:
enabled: <boolean> # Is authentication enable for CMX REST calls. False by default
base-url: <URL> # Base host url to oAuth provider (e.g. Keycloak)
realm: <realm name> # Realm in oAuth provider
clientId: <client ID> # Client ID on whose behalf the requests will be made
clientSecret: <client secret> # Client secret on whose behalf the requests will be made
Logging
By default, CMX uses Spring Boot logging configuration with logback for logging. Refer to the corresponding documentation for the list of supported configuration options.
Built-in configuration profiles
For your convenience, CMX comes with a default built-in configuration profile.
Built-in profile is optimized for a Kubernetes-based production deployment. It does not define any Kaa applications—you have to configure those for any specific Kaa-based solution.
Default
kaa:
cmx:
endpoint-state-persistence:
ttl: 86400 # Equal to one day in seconds
configuration-data-provider:
service-instance:
name: ecr
communication-service:
service-instance:
name: kpc
nats:
urls: nats://nats:4222
management:
port: 8080
security:
enabled: false
endpoints:
enabled: false
health:
enabled: true
mapping.UNKNOWN: SERVICE_UNAVAILABLE
info.enabled: true
metrics.enabled: true