License Engine setup
The License Engine is a service that can be set up using a Docker image. This guide will walk you through the process of setting up the License service and configuring it to meet your needs.
Infrastructure prerequisites
- DB instance
- Kafka - version 2.8 or higher
- FlowX Designer deployment
Dependencies
It has the following dependencies:
- Postgres database - the License Engine uses a Postgres database to store license-related data. The database should be set up with basic configuration properties specified in the helm values.yaml file, these properties include the name of the database, username and password, and resources such as CPU and memory limits
- Connection to the same Kafka instance as the engine - the License Engine needs to be able to communicate with the FLOWX.AI Engine using Kafka; the Kafka instance used by the engine should be the same one used by the License Engine
- Routing of requests through NGINX - requests made to the License Engine should be routed through the FLOWX.AI Designer using NGINX, the configuration for the Designer should be updated to also expose the REST API of the License Engine by adding a path in
flowx-admin-plugins-subpaths
Configuration
The service comes with most of the needed configuration properties filled in, but there are a few that need to be set up using some custom environment variables.
Configuring Postgres database
The basic Postgres configuration is specified in the helm values.yaml file. This file includes properties such as the name of the database, username and password, and resources such as CPU and memory limits.
licencedb:
existingSecret: {{secretName}}
metrics:
enabled: true
service:
annotations:
prometheus.io/port: {{prometheus port}}
prometheus.io/scrape: "true"
type: ClusterIP
serviceMonitor:
additionalLabels:
release: prometheus-operator
enabled: true
interval: 30s
scrapeTimeout: 10s
persistence:
enabled: true
size: 1Gi
postgresqlDatabase: license-coredb
postgresqlExtendedConf:
maxConnections: 200
sharedBuffers: 128MB
postgresqlUsername: postgres
resources:
limits:
cpu: 6000m
memory: 2048Mi
requests:
cpu: 200m
memory: 512Mi
OpenID connect settings
SECURITY_TYPE
: Indicates that OAuth 2.0 is the chosen security type, default value:oauth2
.
security:
type: oauth2
SECURITY_PATHAUTHORIZATIONS_0_PATH
: Defines a security path or endpoint pattern. It specifies that the security settings apply to all paths under the “/api/” path. The**
is a wildcard that means it includes all subpaths under “/api/**“.SECURITY_PATHAUTHORIZATIONS_0_ROLESALLOWED
: Specifies the roles allowed for accessing the specified path. In this case, the roles allowed are empty (""). This might imply that access to the “/api/**” paths is open to all users or that no specific roles are required for authorization.
pathAuthorizations:
- path: "/api/**"
rolesAllowed: "ANY_AUTHENTICATED_USER"
SECURITY_OAUTH2_BASE_SERVER_URL
: This setting specifies the base URL of the OpenID server, which is used for authentication and authorization.SECURITY_OAUTH2_CLIENT_CLIENT_ID
: Specifies the client ID associated with the application registered on the OpenID server for authentication and authorization.SECURITY_OAUTH2_REALM
: Defines the realm for the OAuth 2.0 authorization server. The realm is a protected space where the client’s resources are stored. It provides additional context for the authentication process.
Configuring License datasource
The License Engine uses a Postgres/Oracle database to store license-related data. The following environment variables need to be set in order to connect to the database:
SPRING_DATASOURCE_JDBCURL
SPRING_DATASOURCE_USERNAME
SPRING_DATASOURCE_PASSWORD
Configuring Engine datasource
The License service needs to retrieve the data for a process instance from the engine database. So it needs to have all the correct information to connect to the engine database.
The following configuration details need to be added in configuration files or overwritten using environment variables:
ENGINE_DATASOURCE_JDBCURL
ENGINE_DATASOURCE_USERNAME
ENGINE_DATASOURCE_PASSWORD
Configuring Kafka
Kafka handles all communication between the License Engine and the FLOWX Engine. Both a producer and a consumer must be configured. The following environment variables need to be set:
SPRING_KAFKA_BOOTSTRAP_SERVERS
- address of the Kafka serverSPRING_KAFKA_CONSUMER_GROUP_ID
- group of consumersKAFKA_CONSUMER_THREADS
- the number of Kafka consumer threadsKAFKA_AUTH_EXCEPTION_RETRY_INTERVAL
- the interval between retries afterAuthorizationException
is thrown byKafkaConsumer
The configured license topic KAFKA_TOPIC
_LICENSE_IN
should be the same as the KAFKA_TOPIC_LICENSE_OUT
from the engine
Configuring logging
The following environment variables could be set in order to control log levels:
LOGGING_LEVEL_ROOT
- root spring boot microservice logsLOGGING_LEVEL_APP
- app level logs
Configuring NGINX
The configuration for the FlowX Designer should be updated to also expose the REST API of the license engine by adding a path in flowx-admin-plugins-subpaths
- path: /license(/|$)(.*)
backend:
serviceName: license-core
servicePort: 80
Was this page helpful?