Federated system parameters

Each server to be federated into the Process Federation Server container applies the FederatedSystem CR. Provide the details that are relevant to your environment. To enable the notification server, add the notifications section and set the Java™ Message Service (JMS) access information. To enable database indexing, add the section for your database and set the database connection information.

The following tables list the parameters for configuring the federated system. All properties are mandatory, unless they have a default value or are explicitly optional. Although the system might seem to install correctly when some parameters are omitted, this kind of configuration is not supported.

General federated system parameters
PostgreSQL parameters
Oracle parameters
Db2 parameters
SQL Server parameters

General federated system parameters

The following table shows the FederatedSystem parameters for all databases. The notification parameters do not apply to on-premise Business Automation Workflow.

Table 1. Federated system parameters
Parameter name	Description	Example value
`url`	Base URL of the federated system. For example, `https://example-baw1.apps.bawdev-x300.cp.fyre.ibm.com/baw-instance1`	`https://host/baw-instance1`
`credentialSecret`	Secret containing the username and password with access to the `url` parameter. To generate the secret, run `kubectl create secret generic server-credential --from-literal=serverUser=<your-bawserver-username> --from-literal=serverPassword=<your-bawserver-password>`
`systemTypes`	Comma-separated list of system types that will be federated. The default value is `BPD,CASE` when the federated system is a container deployment, and `BPD` when the federated system is an on premise deployment.	`BPD,CASE`
`additionalHeaders`	List of HTTP headers to add to queries issued by Process Federation Server when it performs requests against the federated system. The list must be a colon-separated list of headers. The default value is `X-PFS-ID=<namespace>-<PFS_custom-resource-name>`
`allowedOrigins`	Acceptable values in the Origin header field. The value of this property must be a comma-separated list of prefixes in the format `protocol://host:port`. The default value is `*`.	`https://example.com, http://example2.com:8080`
`notifications.jmsServer`	JMS server name. To enable the notification server, enter the `notifications` parameters. These parameters are not available if you are federating an on-premise Business Automation Workflow.	`example-instance1-baw-jms-service.baw1.svc`
`notifications.jmsPort`	JMS port. This parameter is not available if you are federating an on-premise Business Automation Workflow.	`7286`
`notifications.jmsCredentialSecret`	Secret containing the JMS username and password. To generate the secret, run `kubectl create secret generic pfs-jms-secret --from-literal=jmsUser=<your-jmsserver-username> --from-literal=jmsPassword=<your-jmsserver-password>` This parameter is not available if you are federating an on-premise Business Automation Workflow.	`<CR name>-<AE name>-aae-app-engine-admin-secret`
`certificates.secrets`	Certificates that must be added to the Process Federation Server truststore. This parameter accepts a list of secret names. Each secret must have a key named `tls.crt` that contains the public key certificate.
`advancedConfig`	Name of the secret that contains the files that will be mounted in the /config/configDropins/overrides folder.

PostgreSQL parameters

The following table shows the federated system parameters to enable PostgreSQL databases.

Table 2. PostgreSQL FederatedSystem parameters
Parameter name	Description	Example value
`postgresqlIndexer.url`	URL of the PostgreSQL database.	`jdbc:postgresql://api.workflow-fvt-auto7.cp.fyre.ibm.com:5432/baw4wpeb`
`postgresqlIndexer.current_schema`	Current schema of the database.
`postgresqlIndexer.credentialSecret`	Secret containing the database username and password. To generate the secret, run `kubectl create secret generic pfs-db-secret --from-literal=dbUser=<your-dbserver-username> --from-literal=dbPassword=<your-dbserver-password>`
`postgresqlIndexer.ssl`	Whether to use Secure Sockets Layer (SSL).	`true`
`postgresqlIndexer.sslCertSecret`	Secret containing the SSL username and password. To generate the secret, run `kubectl create secret generic db-crt-secret --from-file=ca.crt=<your-dbserver-ca-certification-name>.crt` To establish a more secure SSL connection, you can also provide the client's certificate and the matching private key, by running `kubectl create secret generic db-crt-secret --from-file=ca.crt="<your-dbserver-ca-certification-name>.crt" --from-file=tls.crt="<your-client-certification-name>.crt" --from-file=tls.key="<your-client-key-name>.key" --from-literal=sslmode=[verify-ca\|verify-full]`

Oracle parameters

The following table shows the federated system parameters to enable Oracle databases.

Table 3. Oracle FederatedSystem parameters
Parameter name	Description	Example value
`oracleIndexer.url`	URL of the Oracle database.	`jdbc:oracle:thin:@//<oracle_server>:1521/orcl{}`
`oracleIndexer.credentialSecret`	Secret containing the database username and password. To generate the secret, run `kubectl create secret generic pfs-db-secret --from-literal=dbUser=<your-dbserver-username> --from-literal=dbPassword=<your-dbserver-password>`
`oracleIndexer.ssl`	Whether to use Secure Sockets Layer (SSL).	`true`
`oracleIndexer.sslCertSecret`	Secret containing the SSL username and password. To generate the secret, run `kubectl create secret generic db-crt-secret --from-file=ca.crt=<your-dbserver-ca-certification-name>.crt`

Db2 parameters

The following table shows the federated system parameters to enable Db2® databases.

Table 4. Db2 FederatedSystem parameters
Parameter name	Description	Example value
`db2Indexer.serverName`	Db2 database server name.
`db2Indexer.portNumber`	Db2 database post number.
`db2Indexer.databaseName`	Name of the Db2 database.
`db2Indexer.current_schema`	Current schema of the database.
`db2Indexer.credentialSecret`	Secret containing the database username and password. To generate the secret, run `kubectl create secret generic pfs-db-secret --from-literal=dbUser=<your-dbserver-username> --from-literal=dbPassword=<your-dbserver-password>`
`db2Indexer.ssl`	Whether to use Secure Sockets Layer (SSL).	`true`
`db2Indexer.sslCertSecret`	Secret containing the SSL username and password. To generate the secret, run `kubectl create secret generic db-crt-secret --from-file=ca.crt=<your-dbserver-ca-certification-name>.crt`

SQL Server parameters

The following table shows the FederatedSystem parameters to enable SQL Server databases.

Table 5. SQL Server FederatedSystem parameters
Parameter name	Description	Example value
`sqlserverIndexer.serverName`	SQL Server database server name.
`sqlserverIndexer.portNumber`	SQL Server database post number.
`sqlserverIndexer.databaseName`	Name of the SQL Server database.
`sqlserverIndexer.credentialSecret`	Secret containing the database username and password. To generate the secret, run `kubectl create secret generic pfs-db-secret --from-literal=dbUser=<your-dbserver-username> --from-literal=dbPassword=<your-dbserver-password>`
`sqlserverIndexer.ssl`	Whether to use Secure Sockets Layer (SSL).	`true`
`sqlserverIndexer.sslCertSecret`	Secret containing the SSL username and password. To generate the secret, run `kubectl create secret generic db-crt-secret --from-file=ca.crt=<your-dbserver-ca-certification-name>.crt`