Sample AS4 Microservice values.yaml
Following sections provide the sample values.yaml for AS4 Microservice manual configuration.
Sample values.yaml for AS4 Microservice
# (C) Copyright 2025 Precisely Incorporated. All rights reserved.
# Default values for AS4.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
## Set the value to True in order to accept the application license
## AS4 service @ https://ibm.biz/AS4_621
license: false
# Specify the license edition as per license agreement. Valid value is prod or non-prod for Production and
# Non-production respectively. Remember that this parameter is crucial for IBM Licensing and Metering Service
# This specific relese is a Tech-Preview release, only non-prod is supported. And it would be changed in future relases.
licenseType: "non-prod"
image:
repository: "cp.icr.io/cp/ibm-b2bi/b2bi-as4service"
# Provide the tag value in double quotes
tag: "6.2.1.0"
# If digest is specified, it takes precedence over tag
digest: sha256:6b501ab70d50edbbf1e664efb232d504bc332276a8098e796fca8b15cebfe2c2
pullPolicy: IfNotPresent
pullSecret: "ibm-entitlement-key"
arch:
amd64: "2 - No Preference"
ppc64le: "2 - No Preference"
s390x: "2 - No Preference"
serviceAccount:
name: default
persistence:
enabled: true
useDynamicProvisioning: false
resourcesInit:
enabled: true
image:
repository: "cp.icr.io/cp/ibm-b2bi/b2bi-resources"
tag: "6.2.1.0"
digest: sha256:2522ac5317756a194d75442897e56285dc0188d80a24449be148a5ff61edfbef
pullPolicy: "IfNotPresent"
command:
appResourcesPVC:
enabled: false
storageClassName: "standard"
selector:
label: "intent"
value: "resources"
accessMode: ReadOnlyMany
size: 500Mi
preDefinedResourcePVCName:
appLogsPVC:
enabled: false
storageClassName: "standard"
selector:
label: "intent"
value: "logs"
accessMode: ReadWriteMany
size: 500Mi
preDefinedLogsPVCName:
appDocumentsPVC:
enabled: false
storageClassName: "standard"
selector:
label: "intent"
value: "storage"
accessMode: ReadWriteMany
size: 1Gi
preDefinedDocumentPVCName:
extraPVCs: []
#- name:
# storageClassName:
# selector:
# label:
# value:
# accessMode:
# size:
# mountPath:
# subPath:
security:
supplementalGroups: [65534]
fsGroup:
runAsUser:
runAsGroup:
# enable this to setup database.
dataSetup:
enabled: true
## User need to configure either the GlobalDBSecret if using only 1 Database or use the individual DB secrets(Identity dbSecret ,
## Comms dbSecret , Infra dbSecret , UI dbSecret ) with each DB if using the multiple databases.
dbSetup:
dbVendor: "MSSQL"
dbHost: "dbhost.ibm.com"
dbPort: 1433
dbDrivers: mssql-jdbc-12.8.1.jre8.jar
dbSecret: "as4-db-secret"
#Database name for Identity
identityDbData: "ID_IB"
#Database name for Comms
commsDbData: "COMMS_IB"
#Database name for Infra
infraDbData: "INFRA_IB"
#Database name for UI
uiDbData: "UI_IB"
#Database schema name for Identity. This need to be entered only if DB2 database is used.
identitySchema:
#Database schema name for Comms. This need to be entered only if DB2 database is used.
commsSchema:
#Database schema name for Infra . This need to be entered only if DB2 database is used.
infraSchema:
#Database schema name for UI . This need to be entered only if DB2 database is used.
uiSchema:
# Values can be either true or false. and used for only Oracle DB Vendor.
useOracleServiceName: false
# Values can be either true or false
usessl: false
#SSL Version to be used for Database connection.
sslVersion: ""
# Specify DB truststore file name including it's path relative to the mounted resources volume location, if applicable. Required when usessl is true.
# When dbTruststoreSecret is mentioned, provide the name of the key holding the certificate data.
dbTruststore: "mssq_trust_store.jks"
# Name of the DB truststore secret containing the certificate, if applicable
dbTruststoreSecret: "mssql-secret"
# Specify DB keystore file name including it's path relative to the mounted resources volume location, if applicable
# When dbKeystoreSecret is mentioned, provide the name of the key holding the certificate data.
dbKeystore:
# Name of the DB keystore secret containing the certificate, if applicable
dbKeystoreSecret:
# Below configs are specifically used when DBVendor is set to MSSQL only.
MSSQL_HOST_NAME_IN_CERTIFICATE: ""
MSSQL_TRUST_SERVER_CERTIFICATE: true
MSSQL_ENCRYPT: true
mqSetup:
mqHost: "mqhost.ibm.com"
mqPort: 1495
mqServerChannel: "MQ_AS4Channel"
mqServerQueueManager: "MQ_AS4Queue"
mqSecret: "as4-mq-secret"
wxsSetup:
wxsSecret: "as4-wxs-secret"
setupCfg:
# Protocol to be used by liberty for communications.
sslProtocol: "TLSv1.2"
# UserExit Authentication ServiceId for Outbound
userexitAuthenticationOutboundServiceId:
# UserExit Authentication ServiceId for Inbound
userexitAuthenticationInboundServiceId:
logs:
# true if user wish to redirect the application logs to console else false. If provided value is true , then application logs will reside inside containers. No volume mapping will be used.
enableAppLogOnConsole: true
# For easy URL access during testing may use NodePort instead of ClusterIP,
# but for prod ensure the correct type is defaulted.
service:
type: ClusterIP
externalPort: 80
ingress:
enabled: true
controller: "nginx"
annotations: {}
port:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution: []
preferredDuringSchedulingIgnoredDuringExecution: []
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution: []
preferredDuringSchedulingIgnoredDuringExecution: []
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution: []
preferredDuringSchedulingIgnoredDuringExecution: []
topologySpreadConstraints: []
#- maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
#- maxSkew: 1
# topologyKey: kubernetes.io/hostname
# whenUnsatisfiable: ScheduleAnyway
# for Taints and Tolerations
tolerations: []
#- key: key1
# operator: Equal
# value: value1
# effect: NoExecute
# tolerationSeconds: 3600
#- key: key2
# operator: Exists
# effect: NoSchedule
env:
extraEnvs: []
#- name: FOO
# valueFrom:
# secretKeyRef:
# name: secret-name
# key: FOO
#- name: BAR
# valueFrom:
# configMapRef:
# name: configmap-name
# key: BAR
#- name: FOOBAR
# value: foobar
as4catalog:
replicaCount: 1
env:
jvmOptions:
#Refer to global env.extraEnvs for sample values
extraEnvs: []
server:
port: 2809
ssl:
enabled: false
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
requests:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
livenessProbe:
initialDelaySeconds: 59
timeoutSeconds: 10
periodSeconds: 60
readinessProbe:
initialDelaySeconds: 59
timeoutSeconds: 10
periodSeconds: 60
command:
arg: []
#- arg1
#- arg2
##Autoscaling is not expected for as4catalog. The replica count should be set accordingly.
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 2
targetCPUUtilizationPercentage: 60
ingress:
internal:
host: "catalog.apps.openshift.in.ibm.dev"
tls:
enabled: false
secretName: ""
extraPaths: []
#- routePrefix: ""
# path: ""
# servicePort: ""
# enableHttps:
external:
host: ""
tls:
enabled: false
secretName: ""
extraPaths: []
# - routePrefix: "hello"
# path: "/hello"
# servicePort: "my-http"
# enableHttps: false
# access: "internal"
as4container:
replicaCount: 1
env:
jvmOptions:
#Refer to global env.extraEnvs for sample values
extraEnvs: []
server:
port: 3909
ssl:
enabled: false
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
requests:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
livenessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
readinessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
command:
arg: []
#- arg1
#- arg2
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 2
targetCPUUtilizationPercentage: 60
ingress:
internal:
host: "container.apps.openshift.in.ibm.dev"
tls:
enabled: false
secretName: ""
extraPaths: []
# - routePrefix: "hello"
# path: "/hello"
# servicePort: "my-http"
# enableHttps: false
external:
host: ""
tls:
enabled: false
secretName: ""
extraPaths: []
# - routePrefix: "hello"
# path: "/hello"
# servicePort: "my-http"
# enableHttps: false
# access: "internal"
as4operational:
replicaCount: 1
env:
jvmOptions:
#Refer to global env.extraEnvs for sample values
extraEnvs: []
server:
port: 9443
ssl:
enabled: false
extraPorts:
name: "push-port"
port: 14340
targetPort: 14340
nodePort: 14340
protocol: TCP
backendService:
type: LoadBalancer
# Supported values are "ClientIP" & "None". Default is "None".
sessionAffinity: None
#override session affinity timeout configuration (applicable when sessionAffinity is configured other than "None")
sessionAffinityConfig:
timeoutSeconds: 10800
#specify any additional configuration applicable for the specified sessionAffinity option
# property1: value1
# property2: value2
# Supported values are "Cluster" & "Local". Default is "Cluster".
externalTrafficPolicy: Cluster
ports: []
#- name: adapter-1
# port: 14351
# targetPort: 14351
# nodePort: 14351
# protocol: TCP
portRanges: []
#- name: adapters
# portRange: 14401-14500
# targetPortRange: 14401-14500
# nodePortRange: 14401-14500
# protocol: TCP
loadBalancerIP:
loadBalancerSourceRanges: []
#- "143.231.0.0/16"
annotations: {}
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
requests:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
livenessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
readinessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
command:
arg: []
#- arg1
#- arg2
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 60
ingress:
internal:
host: "operational.apps.openshift.in.ibm.dev"
tls:
enabled: true
secretName: ""
extraPaths:
routePrefix: "sync"
path: "/sync"
servicePort: "push-port"
enableHttps: false
as4informational:
replicaCount: 1
env:
jvmOptions:
#Refer to global env.extraEnvs for sample values
extraEnvs: []
server:
port: 19443
# comma seperated app trusted domains for the app, used for referer value checking in request header
# for requests which are not comming from same origin
# eg example.com,abc.co.in
trustedDomains:
ssl:
enabled: false
keyStoreSecretName: "as4-secret"
trustStoreSecretName:
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
requests:
cpu: 4000m
memory: 4Gi
ephemeral-storage: "4Gi"
livenessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
readinessProbe:
initialDelaySeconds: 120
timeoutSeconds: 10
periodSeconds: 60
command:
arg: []
#- arg1
#- arg2
startupProbe:
initialDelaySeconds: 120
timeoutSeconds: 5
periodSeconds: 30
failureThreshold: 3
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 2
targetCPUUtilizationPercentage: 60
internalAccess:
enableHttps: true
httpsPort:
tlsSecretName:
externalAccess:
protocol: http
address:
port:
ingress:
internal:
host: "informational.apps.openshift.in.ibm.dev"
tls:
enabled: true
secretName: ""
extraPaths:
#- routePrefix: "as4svc"
path: "/as4svc"
# servicePort: "as4svc"
# enableHttps: false
external:
host: ""
tls:
enabled: true
secretName: ""
extraPaths: []
# - routePrefix: "hello"
# path: "/hello"
# servicePort: "my-http"
# enableHttps: false
# access: "internal"
## Enable custom grafana dashboard load on install
dashboard:
enabled: true
# Test container
test:
image:
repository: 'cp.icr.io/cp/opencontent-common-utils'
tag: '1.1.68'
digest: sha256:8e0d93b29b6f2f9cfed183bc21545579653b79a5261721c1f50ffc089e0ad45f
pullPolicy: 'IfNotPresent'
documentService:
enabled: false
sslEnabled: false
useGrpc: false
grpcPoolSize: 150
readBufferSize: 32768
service:
externalPort: 443
externalGrpcPort: 8044
serviceAccount:
name: default
application:
server:
ssl:
enabled: false
tlsSecretName:
trustStoreSecretName:
trustStoreType: PKCS12
clientAuth: want
objectstore:
namespace:
connectionPoolConfig:
maxTotalConnections: 250
maxConnectionsPerRoute: 100
connectTimeout: 10000
readTimeout: 60000
idleTimeout: 60000
idleMonitorThread: true
waitTimeout: 30000
keepAlive: 300000
retryCount: 2
disableContentCompression: true