The Application Manager is a backend microservice for managing FlowX applications, libraries, versions, manifests, configurations, and builds. This guide provides detailed instructions for setting up the service and configuring its components through environment variables.
Component | Purpose |
---|---|
PostgreSQL | Storing application data |
MongoDB | Managing runtime builds |
Redis | Caching needs |
Kafka | Event-driven communication |
OAuth2 Server | Authentication (Keycloak recommended) |
Environment Variable | Description | Example Value |
---|---|---|
CONFIG_PROFILE (deprecated since v4.7.6) | Spring configuration profiles | k8stemplate_v2,kafka-auth |
MULTIPART_MAX_FILE_SIZE | Maximum file upload size | 25MB |
MULTIPART_MAX_REQUEST_SIZE | Maximum request size | 25MB |
LOGGING_CONFIG_FILE | Logging configuration file | logback-spring.xml |
Environment variable | Description | Default value | Possible Values |
---|---|---|---|
FLOWX_CONFIGPARAMS_VARS_ALLOWLISTREGEX | Regular expression to match allowed environment variable names | .* | .* |
FLOWX_CONFIGPARAMS_SECRETS_ALLOWLISTREGEX | Regular expression to match allowed secret names | .* | .* |
Environment Variable | Description | Example Value |
---|---|---|
SPRING_DATASOURCE_URL | PostgreSQL JDBC URL | jdbc:postgresql://postgresql:5432/app_manager |
SPRING_DATASOURCE_USERNAME | Database username | flowx |
SPRING_DATASOURCE_PASSWORD | Database password | password |
SPRING_DATASOURCE_DRIVERCLASSNAME | JDBC driver class | org.postgresql.Driver |
Environment Variable | Description | Example Value |
---|---|---|
SPRING_DATA_MONGODB_URI | MongoDB connection URI | mongodb://${DB_USERNAME}:${DB_PASSWORD}@mongodb-0.mongodb-headless,mongodb-1.mongodb-headless,mongodb-arbiter-0.mongodb-arbiter-headless:27017/app-runtime?retryWrites=false |
DB_USERNAME | MongoDB username | app-runtime |
DB_PASSWORD | MongoDB password | password |
SPRING_DATA_MONGODB_STORAGE | Storage type (Azure environments only) | mongodb (alternative: cosmosdb ) |
Environment Variable | Description | Example Value |
---|---|---|
SPRING_DATA_REDIS_HOST | Redis server hostname | redis-master |
SPRING_DATA_REDIS_PASSWORD | Redis password | password |
SPRING_DATA_REDIS_PORT | Redis server port | 6379 |
SPRING_REDIS_TTL | Default Redis TTL in milliseconds | 5000000 |
Environment Variable | Description | Example Value |
---|---|---|
SPRING_KAFKA_BOOTSTRAPSERVERS | Kafka broker addresses | kafka-flowx-kafka-bootstrap:9092 |
SPRING_KAFKA_SECURITY_PROTOCOL | Security protocol | PLAINTEXT |
KAFKA_MESSAGE_MAX_BYTES | Maximum message size | 52428800 (50MB) |
FLOWX_KAFKA_PAYLOADSIZELIMIT | Payload size limit | 512000 (500KB) |
Environment Variable | Description | Example Value |
---|---|---|
SPRING_KAFKA_PRODUCER_KEYSERIALIZER | Key serializer class | org.apache.kafka.common.serialization.StringSerializer |
SPRING_KAFKA_PRODUCER_PROPERTIES_MAX_REQUEST_SIZE | Maximum request size | 52428800 (50MB) |
Environment Variable | Description | Example Value |
---|---|---|
KAFKA_OAUTH_CLIENTID | OAuth client ID | flowx-service-client |
KAFKA_OAUTH_CLIENTSECRET | OAuth client secret | flowx-service-client-secret |
KAFKA_OAUTH_TOKEN_ENDPOINT_URI | OAuth token endpoint | {baseUrl}/auth/realms/kafka-authz/protocol/openid-connect/token |
Environment Variable | Description | Default Value |
---|---|---|
KAFKA_CONSUMER_GROUPID_APPLICATION_RESOURCE_EXPORT | Application export consumer group | appResourceExportGroup |
KAFKA_CONSUMER_GROUPID_APPLICATION_RESOURCE_IMPORT | Application import consumer group | appResourceImportGroup |
KAFKA_CONSUMER_GROUPID_APPLICATION_RESOURCE_USAGES | Resource usages consumer group | appResourceUsagesGroup |
KAFKA_CONSUMER_GROUPID_APPLICATION_RESOURCE_RESELEMUSAGEVALIDATIONRESP | Resource element validation group | appResElemUsageValidationResp |
KAFKA_CONSUMER_GROUPID_APPLICATION_RESOURCE_COPY | Resource copy consumer group | appResourceCopyGroup |
KAFKA_CONSUMER_GROUPID_APPLICATION_MERGE | Application merge consumer group | appMergeItemGroup |
KAFKA_CONSUMER_GROUPID_BUILD_CREATE | Build create consumer group | buildCreateGroup |
KAFKA_CONSUMER_GROUPID_BUILD_UPDATE | Build update consumer group | buildUpdateGroup |
KAFKA_CONSUMER_GROUPID_BUILD_RESOURCE_EXPORT | Build export consumer group | buildResourceExportGroup |
KAFKA_CONSUMER_GROUPID_BUILD_RESOURCE_IMPORT | Build import consumer group | buildResourceImportGroup |
KAFKA_CONSUMER_GROUPID_BUILD_STARTTIMEREVENTS_UPDATES | Build timer events updates consumer | buildStartTimerEventsUpdatesGroup |
KAFKA_CONSUMER_GROUPID_PROCESS_START | Process start consumer group | processStartGroup |
KAFKA_AUTH_EXCEPTION_RETRY_INTERVAL | Auth exception retry interval (seconds) | 10 |
Environment Variable | Description | Default Value |
---|---|---|
KAFKA_CONSUMER_THREADS_APPLICATION_RESOURCE_EXPORT | Application export consumer threads | 3 |
KAFKA_CONSUMER_THREADS_APPLICATION_RESOURCE_IMPORT | Application import consumer threads | 3 |
KAFKA_CONSUMER_THREADS_APPLICATION_RESOURCE_USAGES | Resource usages consumer threads | 3 |
KAFKA_CONSUMER_THREADS_APPLICATION_RESOURCE_RESELEMUSAGEVALIDATIONRESP | Resource validation response threads | 3 |
KAFKA_CONSUMER_THREADS_APPLICATION_RESOURCE_COPY | Resource copy consumer threads | 3 |
KAFKA_CONSUMER_THREADS_APPLICATION_MERGE | Application merge consumer threads | 3 |
KAFKA_CONSUMER_THREADS_BUILD_CREATE | Build create consumer threads | 2 |
KAFKA_CONSUMER_THREADS_BUILD_UPDATE | Build update consumer threads | 4 |
KAFKA_CONSUMER_THREADS_BUILD_RESOURCE_EXPORT | Build export consumer threads | 3 |
KAFKA_CONSUMER_THREADS_BUILD_RESOURCE_IMPORT | Build import consumer threads | 3 |
KAFKA_CONSUMER_THREADS_BUILD_STARTTIMEREVENTS_UPDATES | Build timer events updates consumer threads | 3 |
Component | Default Value | Environment Variable | Description |
---|---|---|---|
package | ai.flowx. | KAFKA_TOPIC_NAMING_PACKAGE | Base package identifier |
environment | dev. | KAFKA_TOPIC_NAMING_ENVIRONMENT | Deployment environment |
version | .v1 | KAFKA_TOPIC_NAMING_VERSION | Topic version |
separator | . | KAFKA_TOPIC_NAMING_SEPARATOR | Main separator (referred to as dot ) |
separator2 | - | KAFKA_TOPIC_NAMING_SEPARATOR2 | Secondary separator (as dash ) |
prefix | ${KAFKA_TOPIC_NAMING_PACKAGE}${KAFKA_TOPIC_NAMING_ENVIRONMENT} | KAFKA_TOPIC_NAMING_PREFIX | Combined package and environment |
suffix | ${KAFKA_TOPIC_NAMING_VERSION} | KAFKA_TOPIC_NAMING_SUFFIX | The version suffix |
ai.flowx.dev.
is the prefix (package + environment)application-version
is the serviceexport
is the action.v1
is the suffix (version)resources-usages
represents the resource typesub-res-validation
represents the operation typeresponse
indicates it’s a response messageEnvironment Variable | Description | Default Pattern |
---|---|---|
KAFKA_TOPIC_APPLICATION_RESOURCE_EXPORT | Application resource export topic | ai.flowx.dev.application-version.export.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_IMPORT | Application resource import topic | ai.flowx.dev.application-version.import.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_USAGES_IN | Resource usages in topic | ai.flowx.dev.application-version.resources-usages.operations.bulk.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_USAGES_OUT | Resource usages out topic | ai.flowx.dev.application-version.resources-usages.operations.bulk.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_USAGES_REFRESH | Resource usages refresh topic | ai.flowx.dev.application-version.resources-usages.refresh.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_RESELEMUSAGEVALIDATION_RESPONSE | Resource element usage validation response | ai.flowx.dev.application-version.resources-usages.sub-res-validation.response.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_RESELEMUSAGEVALIDATION_OUT_INTEGRATION | Resource validation integration topic | ai.flowx.dev.application-version.resources-usages.sub-res-validation.request-integration.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_RESELEMUSAGEVALIDATION_OUT_CMS | Resource validation CMS topic | ai.flowx.dev.application-version.resources-usages.sub-res-validation.cms.v1 |
KAFKA_TOPIC_APPLICATION_RESOURCE_COPY | Resource copy topic | ai.flowx.dev.application-version.copy-resource.v1 |
KAFKA_TOPIC_APPLICATION_MERGE | Application merge topic | ai.flowx.dev.application-version.merge.v1 |
Environment Variable | Description | Default Pattern |
---|---|---|
KAFKA_TOPIC_BUILD_UPDATE | Build update topic | ai.flowx.dev.build.update.v1 |
KAFKA_TOPIC_BUILD_CREATE | Build create topic | ai.flowx.dev.build.create.v1 |
KAFKA_TOPIC_BUILD_RESOURCE_EXPORT | Build export topic | ai.flowx.dev.build.export.v1 |
KAFKA_TOPIC_BUILD_RESOURCE_IMPORT | Build import topic | ai.flowx.dev.build.import.v1 |
KAFKA_TOPIC_BUILD_STARTTIMEREVENTS_UPDATES | Timer events updates topic | ai.flowx.dev.build.start-timer-events.updates.in.v1 |
Environment Variable | Description | Default Pattern |
---|---|---|
KAFKA_TOPIC_PROCESS_STARTFOREVENT_IN | Process start for event topic | ai.flowx.dev.core.trigger.start-for-event.process.v1 |
KAFKA_TOPIC_PROCESS_STARTBYNAME_IN | Process start by name topic | ai.flowx.dev.core.trigger.start-by-name.process.v1 |
KAFKA_TOPIC_PROCESS_STARTBYNAME_OUT | Process start by name out topic | ai.flowx.dev.core.trigger.start-by-name.process.out.v1 |
KAFKA_TOPIC_PROCESS_SCHEDULEDTIMEREVENTS_OUT_SET | Set timer schedule topic | ai.flowx.dev.core.trigger.set.timer-event-schedule.v1 |
KAFKA_TOPIC_PROCESS_SCHEDULEDTIMEREVENTS_OUT_STOP | Stop timer schedule topic | ai.flowx.dev.core.trigger.stop.timer-event-schedule.v1 |
Environment Variable | Description | Default Pattern |
---|---|---|
KAFKA_TOPIC_AUDIT_OUT | Audit topic | ai.flowx.dev.core.trigger.save.audit.v1 |
KAFKA_TOPIC_EVENTSGATEWAY_OUT_MESSAGE | Events gateway messages topic | ai.flowx.dev.eventsgateway.receive.copyresource.v1 |
Environment Variable | Description | Default Value |
---|---|---|
SECURITY_TYPE | Security type | oauth2 |
SECURITY_OAUTH2_CLIENT | Enable OAuth2 client | enabled |
SECURITY_OAUTH2_BASE_SERVER_URL | OAuth2 server base URL | |
SECURITY_OAUTH2_REALM | OAuth2 realm name | |
SECURITY_OAUTH2_CLIENT_CLIENTID | OAuth2 client ID | |
SECURITY_OAUTH2_CLIENT_CLIENTSECRET | OAuth2 client secret | |
SECURITY_OAUTH2_CLIENT_ACCESS_TOKEN_URI | OAuth2 access token URI | ${SECURITY_OAUTH2_BASE_SERVER_URL}/realms/${SECURITY_OAUTH2_REALM}/protocol/openid-connect/token |
Environment Variable | Description | Default Value |
---|---|---|
SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENTID | Service account client ID | flowx-runtime-manager-sa |
SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENTSECRET | Service account client secret |
Environment Variable | Description | Default Value |
---|---|---|
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_INTROSPECTION_URI | Token introspection URI | ${SECURITY_OAUTH2_BASE_SERVER_URL}/realms/${SECURITY_OAUTH2_REALM}/protocol/openid-connect/token/introspect |
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_CLIENTID | Resource server client ID | ${SECURITY_OAUTH2_CLIENT_CLIENTID} |
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_CLIENTSECRET | Resource server client secret | ${SECURITY_OAUTH2_CLIENT_CLIENTSECRET} |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_PROVIDER | Identity provider name | mainAuthProvider |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENT_NAME | Client name | mainIdentity |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENTID | Client ID | ${SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENTID} |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENTSECRET | Client secret | ${SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENTSECRET} |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_AUTHORIZATION_GRANT_TYPE | Authorization grant type | client_credentials |
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENT_AUTHENTICATION_METHOD | Client authentication method | client_secret_post |
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_MAINAUTHPROVIDER_TOKEN_URI | Provider token URI | ${SECURITY_OAUTH2_BASE_SERVER_URL}/realms/${SECURITY_OAUTH2_REALM}/protocol/openid-connect/token |
Environment Variable | Description | Example Value | Default |
---|---|---|---|
APPLICATION_FILESTORAGE_S3_SERVERURL | S3 server URL | http://minio:9000 | None |
APPLICATION_FILESTORAGE_S3_ACCESSKEY | S3 access key | Ha0wvtOE9gQ2NSzghEcs | None |
APPLICATION_FILESTORAGE_S3_SECRETKEY | S3 secret key | jY7nYLVtNh9JzMflliQKu3noPpjxD3prxIkliErX | None |
APPLICATION_FILESTORAGE_TYPE | Storage type | s3 | s3 |
APPLICATION_FILESTORAGE_DELETIONSTRATEGY | File deletion strategy | delete | delete |
APPLICATION_FILESTORAGE_S3_ENABLED | Enable S3 storage | true | true |
APPLICATION_FILESTORAGE_S3_ENCRYPTIONENABLED | Enable S3 encryption | false | false |
APPLICATION_FILESTORAGE_S3_BUCKETPREFIX | S3 bucket name prefix | applications-bucket | applications-bucket |
Environment Variable | Description | Example Value | Default |
---|---|---|---|
MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED | Prometheus metrics | true | false |
MANAGEMENT_HEALTH_KUBERNETES_ENABLED | Kubernetes health check | false | true |
MANAGEMENT_HEALTH_REDIS_ENABLED | Redis health check | false | true |
MANAGEMENT_HEALTH_KAFKA_ENABLED | Kafka health check | true | true |
MANAGEMENT_HEALTH_LIVENESSSTATE_ENABLED | Liveness state | true | false |
MANAGEMENT_HEALTH_READINESSSTATE_ENABLED | Readiness state | true | false |
MANAGEMENT_ENDPOINT_HEALTH_GROUP_LIVENESS_INCLUDE | Liveness probes | ping,diskSpace,accessInfo,buildInfo,db,mongo,kafkaClusterHealthCheckIndicator | ping |
MANAGEMENT_ENDPOINT_HEALTH_GROUP_READINESS_INCLUDE | Readiness probes | ping,diskSpace,accessInfo,buildInfo | ping |
Environment Variable | Description | Example Value | Default |
---|---|---|---|
RESOURCE_PROXY_MANIFEST_URL | Manifest URL for resource proxy | URL value | None |
RESOURCE_PROXY_TARGET_URL | Target URL for resource forwarding | URL value | None |
FLOWX_RESOURCEPROXY_RETRYGETRESOURCETIMEOUTMS | Resource retrieval timeout | 500 | 500 |
FLOWX_RESOURCEPROXY_RETRYGETRESOURCEMAXCOUNT | Maximum resource retrieval retries | 10 | 10 |
FLOWX_RESOURCEPROXY_WEBCLIENT_RETRYATTEMPTS | Web client retry attempts | 2 | 2 |
FLOWX_RESOURCEPROXY_WEBCLIENT_RETRYBACKOFF | Retry backoff time (seconds) | 1 | 1 |
FLOWX_RESOURCEPROXY_WEBCLIENT_MAXINMEMORYSIZE | Maximum in-memory size | 5MB | 5MB |
FLOWX_RUNTIMEEXECUTIONPROXY_WEBCLIENT_MAXINMEMORYSIZE | Maximum REST request size | 5242880 (5 MB) | 5242880 |
FLOWX_RUNTIMEEXECUTIONPROXY_WEBCLIENT_MAXINMEMORYSIZE
- Specifies the maximum size (in bytes) of in-memory data for REST requests. This is particularly useful when dealing with large payloads to prevent excessive memory consumption.Environment Variable | Description | Example Value | Default |
---|---|---|---|
FLOWX_SCHEDULER_RETRYFAILEDDEPLOYMENTSCRON | Failed deployment retry cron | 0 * * * * * | None |
FLOWX_SCHEDULER_MASTERELECTION_ENABLED | Enable master election | true | false |
FLOWX_SCHEDULER_MASTERELECTION_CRONEXPRESSION | Master election cron | */30 * * * * * | None |
FLOWX_SCHEDULER_MASTERELECTION_PROVIDER | Election provider | redis | None |
Environment Variable | Description | Example Value |
---|---|---|
LOGGING_LEVEL_ROOT | Root Spring Boot logs level | INFO |
LOGGING_LEVEL_APP | Application-level logs level | INFO |
LOGGING_LEVEL_DB | Database interactions log level | INFO |