Endpoint Configuration Repository (ECR) is a Kaa service that maintains endpoint (EP) configuration data. An endpoint configuration is a JSON document of arbitrary structure. An endpoint may have one configuration defined per each application version. There is also a default configuration per each application version that is applied when the endpoint does not have a specific configuration for that application version.
ECR assigns a unique ID to every configuration document.
ECR maintains a history of all dispatched and confirmed configurations for every endpoint.
Service implements implicit configuration application by marking configuration ID specified in the configuration request as applied assigning to it HTTP status code
Implicitly applied reason phrase.
ECR provides interfaces for managing and retrieving endpoint configurations and managing default configurations per application version. Data stored in ECR can be retrieved for display by UI services, delivered to endpoints, etc. Once there is an update to an endpoint’s configuration data, ECR sends a broadcast event that other services may subscribe to.
ECR listens to EP lifecycle events to clean up the EP configurations when that endpoint is deleted.
For data persistence, ECR uses MongoDB.
ECR supports a number of interfaces to perform its functional role. The key supported interfaces are summarized in the following diagram.
For inter-service communication, Kaa services mainly use REST APIs and messaging protocols that run over NATS messaging system.
EP configuration management
ECR provides REST APIs that can be used by other services to manage EP configuration data:
- Endpoint Configuration API allows managing endpoint-specific configurations.
- Default Configuration API allows managing default configuration data for endpoints based on their application versions.
The above APIs can be used, for example, by services like Web Dashboard to manage EP configurations using visual interfaces.
EP configuration data transport
EP configuration data transport interface is based on the Configuration Data Transport Protocol (6/CDTP) that runs on top of NATS. This interface is used for notifying other services about the updates to the endpoint configurations and for retrieving new EP configuration data from ECR. Responding to requests over this interface, ECR uses default configuration for an application version if there is no specific configuration for the endpoint in question.
Services that deliver configuration data to endpoints may use this interface to notify ECR about the delivered configurations.
EP lifecycle events
ECR listens to EP lifecycle events broadcast by other services over NATS. When ECR receives a message about a removed endpoint, it cleans up the corresponding configuration data.
ECR is integrated with the Kaa Tekton for centralized application configuration management. It receives configuration update messages from Tekton over 17/SCMP and uses Tekton REST API to retrieve current configs.
See configuration for more information.
Kaa Tenant Manager integration
ECR supports multi-tenancy with each tenant using a separate OAuth 2.0 issuer for authentication, authorization, and resource management. The list of the existing tenants is managed by [the Kaa Tenant Manager][Tenant Manager], which provides REST API for retrieving tenant security configs.
See the security configuration for more details on how to enable multi-tenancy in ECR.