Customizing the configuration file

Edit online
Draft comment:
This topic is shared by BAW, CP4BA. Last updated on 2025-03-13 12:15
As a service extension, you can customize your configuration file to handle the security combinations that are supported by Apache Kafka.

About this task

You can use the EnableBAI.py script to customize the configuration file that you created for the BPM event emitter from the BAIConfigure.properties template, for example in the following use cases.
  • You are using an SSL-plain connection and the SSL connection is signed by a renowned Certificate Authority (CA). Instead of using the default configuration properties to provide the keys and password, you can customize the configuration file by providing only the plain username and password combination.
  • You have already configured the Kerberos realms in IBM® Business Automation Workflow.
For more information about event emitter security, see Securing communications from event emitters to Kafka External link opens a new window or tab.
To specify a custom configuration file, you set the type property to the custom value and the configFileLocation property to the path where the custom configuration file is located.
Important: Do not edit the blackList section because it used internally.

Procedure

To customize the configuration file, follow these practices.

  • Write the file in YAML format.
  • Define all the security settings, such as the SSL keystore and truststore.
  • Add the kafka. prefix to all the parameters that are related to the Kafka client. If you are familiar with Kafka Java™ client properties, you can customize any of these values. For example, in the kafkaConfiguration section, you can extend the timeout duration by setting the kafka.session.timeout.ms property to 30000 milliseconds.
  • If necessary, you can override the default values of the following parameters.
    kafka.acks
    The default value is all so that no event is lost. If losing some events is acceptable in your use case, you can relax the constraint and set the parameter to 1 or 0. These values are likely to improve the throughput, too. For details about the values, see the Producer Configs External link opens a new window or tab page of the Kafka documentation.
    kafka.retries
    The default value is 10 so that if an error occurs, the events are resent to prevent event loss. However, in some cases, enabling retries might cause events to be reordered. If you need strong ordering in all cases, set this parameter to false. You can also change the kafka.max.in.flights.requests.per.connection value to 1 but at the cost of decreasing throughput.
    Serialization
    The kafka.key.serializer and kafka.value.serializer parameters are set to org.apache.kafka.common.serialization.StringSerializer. You cannot override these values because they are needed for downstream processing in IBM Business Automation Insights.

Example

kafkaConfiguration:
    kafka.bootstrap.servers: "https://dev-node:9092"
    enabled: true
    monitor.topic: test-topic
    kafka.client.id: bai-bpmn-event-producer
    kafka.security.protocol: SSL
    kafka.ssl.protocol: TLSv1.2
    kafka.ssl.enabled.protocols: TLSv1.2
    kafka.ssl.endpoint.identification.algorithm: HTTPS
    kafka.ssl.truststore.type: JKS
    kafka.ssl.keystore.type: JKS
    kafka.ssl.truststore.location: E:/WorksL3/client.truststore.jks
    kafka.ssl.truststore.password: passw0rd
    kafka.ssl.keystore.location: E:/WorksL3/client.keystore.jks
    kafka.ssl.keystore.password: passw0rd
    kafka.ssl.key.password: passw0rd
blackList:
- "e0eb3ba9-e2ef-32b7-a1b2-d3533a359a62"
- "23d3ecec-6fdb-4033-9c57-e931aa13761f"
- "9645fce4-f4af-450f-8ce3-09d45bdb7920"
- "dbecd816-afed-47b0-ba92-c13256fcb566"
# The identifier for this BPM environment
# It can be the cell name or any other appropriate identifier.
bpmCellName: BPMServerCell01