IBM Business Automation Application Engine parameters

Provide the details that are relevant to your IBM Business Automation Application Engine environment and your decisions for the deployment of the container.

The following tables list the configurable parameters and their default values. All properties are mandatory, unless they have a default value or are explicitly optional. Although Application Engine might seem to install correctly when some parameters are omitted, this kind of configuration is not supported.

The application_engine_configuration parameter is a list. You can deploy multiple instances of Application Engine. You can assign different configurations for each instance by following these rules.

Assign a different name to each instance by giving application_engine_configuration[*].name a different value.
Assign a different hostname to each instance by giving assign application_engine_configuration[*].hostname a different value to make it accessible.

The following tables list the parameters for configuring Application Engine.

Shared configuration
Application Engine parameters
Resource Registry parameters

Application Engine parameters

The following table lists the parameters for configuring Application Engine.

Table 1. Application Engine parameters (application_engine_configuration)
Parameter name	Description	Example value	Required
name	Name of the Application Engine instance. The name for each item in the array must be different. The name can consist of lowercase alphanumeric characters or '-', and must start and end with an alphanumeric character. Keep the instance name short.		No
hostname	aae-ae-service route hostname. If the hostname is not set, a default hostname with the following format is used. `ae-<AE instance name>-<shared_configuration.sc_deployment_hostname_suffix>` This parameter is used only by stand-alone Business Automation Workflow on containers.		No
port	Application Engine port (only when using NodePort service). The default value is 443.	443	No
admin_user	Designate an LDAP user for the Application Engine admin user. This user must have IBM Business Automation Navigator administrator rights. For more information, see Completing post-deployment tasks for Application Engine.		Yes
admin_secret_name	Existing Application Engine administrative secret for sensitive configuration data. The default value is `<CR name>-<AE name>-aae-app-engine-admin-secret`.	`<CR name>-<AE name>-aae-app-engine-admin-secret`	No
external_tls_secret	This parameter is used only by stand-alone Business Automation Workflow on containers. For the aae-ae-service route, the name of the secret that contains the certificates and Transport Layer Security (TLS) private key to be used for the route. If you set this parameter, the setting overrides the default generated certificate and the shared setting for route certificates. If you need to customize the route's certificate, create a secret using the following command and set the secret name to the property. `kubectl create secret generic ext-tls-crt-secret --from-file=tls.crt=<path to crt file> --from-file=tls.key=<path to key file>` The crt file must contain the route certificate followed by any intermediate CA signer certificates and the root CA signer certificate in an unencrypted PEM format. The key file must also be in unencrypted PEM format.		No
replica_size	Number of Application Engine deployment replicas. The default value is 1.	1	No
data_persistence.enable	To enable the data persistence feature on Application Engine, set this to `true`. The default value is `false`.	`false`	No
object_store_name	The object store name used for data persistence. If application data persistence is enabled, input one CPE object store name. The default value is `AEOS`.	`AEOS`	No
use_custom_jdbc_drivers	Whether to use a custom JDBC driver for Db2® database instead of the embedded one. If you don't want to use a custom driver, keep the default. The default value is `false`. If you use an Oracle or a PostgreSQL database, make sure that the value is set to `true`.	`false`	No
service_type	Application Engine service type. The default value is `Route`.	`Route`	No
external_connection_timeout	Number of seconds after which the Route connection times out. The default value is `90s`.	`90s`	No
autoscaling.enabled	Whether to enable the Horizontal Pod Autoscaler for Application Engine. The default value is `false`.	`false`	No
autoscaling.min_replicas	Minimum number of pods for Application Engine when autoscaling is enabled. The default value is 2.	2	No
autoscaling.max_replicas	Maximum number of pods for Application Engine when autoscaling is enabled. The default value is 5.	5	No
autoscaling.target_average_utilization	Target average CPU utilization over all the pods for the Application Engine init container when autoscaling is enabled. The default value is 80.	80	No
database.host	(Only for Db2 or PostgreSQL) Application Engine database host. It must be an accessible address, such as an IP, hostname, or Kubernetes service name.		Yes
database.name	(Only for Db2 or PostgreSQL) Application Engine database name.		Yes
database.port	(Only for Db2 or PostgreSQL) Application Engine database port,.		Yes
database.alternative_host	(Only for Db2 or PostgreSQL) Application Engine database alternative host for database automatic client reroute (ACR) with high availability disaster recovery (HADR). If you want to enable the database ACR and HADR, configure both alternative_host and alternative_port. You must have Db2 servers whose hostnames can be resolved to IP addresses correctly in App Engine containers.		No
database.alternative_port	(Only for Db2 or PostgreSQL) Application Engine database alternative host for database automatic client reroute (ACR) with high availability disaster recovery (HADR). If you want to enable the database ACR and HADR, configure both alternative_host and alternative_port.		No
database.type	Application Engine database type. Db2, Oracle and PostgreSQL are supported. The default value is `db2`.	`db2`	No
database.enable_ssl	Whether to enable Secure Sockets Layer (SSL) support for the database connection. The default value is `false`.	`false`	No
database.db_cert_secret_name	Secret name for storing the database TLS certificate when an SSL connection is enabled.		Yes
database.oracle_url_without_wallet_directory	If you use an Oracle database, enter the Oracle connection URL. The format is `(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=<your-oracle-database-hostname>)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=<your-oracle-database-service-name>))))`.		No
database.oracle_url_with_wallet_directory	Required when you enable SSL for Oracle database, you must enter the Oracle connection URL with the wallet path. The format is `(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<your-oracle-database-hostname>)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=<your-oracle-database-service-name>))(SECURITY=(SSL_SERVER_DN_MATCH=FALSE)(MY_WALLET_DIRECTORY=/shared/resources/oracle/wallet)))`.		No
database.current_schema	Application Engine database schema. If you use an Oracle database, you can set it to empty. The default schema of your Oracle connection user will be set automatically, or you can also set it to your customized schema. The default value is `DBASB`.	`DBASB`	No
database.oracle_sso_wallet_secret_name	Secret name for storing wallet SSO binary file when an SSL connection is enabled and Oracle database is selected.		No
database.initial_pool_size	Initial pool size of the Application Engine database. The default value is 1.	1	No
database.max_pool_size	Maximum pool size of the Application Engine database. The default value is 100.	100	No
database.max_lru_cache_size	Maximum Least Recently Used (LRU) cache size of the Application Engine database. The default value is 1000.	1000	No
database.max_lru_cache_age	Maximum LRU cache age of the Application Engine database. The default value is 600000.	600000	No
database.dbcompatibility_max_retries	Maximum number of times to retry checking database compatibility. The default value is 30.	30	No
database.dbcompatibility_retry_interval	Retry interval for checking database compatibility. The default value is 10.	10	No
database.custom_jdbc_pvc	Persistent volume claim (PVC) for the Application Engine custom JDBC driver		No
log_level.node	Log level for output from the Application Engine server. The default value is `info`.	`info`	No
log_level.browser	Log level for output from the web browser. The default value is 2.	2	No
content_security_policy.enable	Whether to enable the content security policy for Application Engine. The default value is `false`.	`false`	No
content_security_policy.whitelist	Configuration of the Application Engine content security policy whitelist		No
env.max_size_lru_cache_rr	Maximum size of the cache for the Resource Registry. The default value is 1000.	1000	No
env.server_env_type	Application Engine deployment type. The default value is `development`.	`development`	No
env.purge_stale_apps_interval	(Application Engine playback server only) Interval for the purging job to run to purge stale apps. The default value is 86400000.	86400000	No
env.apps_threshold	(Application Engine playback server only) Minimum number of existing apps for purging job to start purging stale apps. The default value is 100.	100	No
env.stale_threshold	(Application Engine playback server only) Age of the apps to be considered as stale. The default value is 172800000.	172800000	No
env.service_threshold	(Application Engine playback server only) Minimum number of preview-only automation services in the server for purging job to start purging stale preview-only automation services. The default value is 100.	100	No
env.service_stale_threshold	(Application Engine playback server only) Age, in milliseconds, of preview-only automation service since publish to be considered as stale. The default value is 172800000.	172800000	No
env.uv_thread_pool_size	UV thread pool size of the Application Engine NodeJS server. Increase this number if your Application Engine must support a high volume of traffic. The default value is 40.	40	No
env.connection_timeout	Service socket connection timeout in milliseconds. The default value is 120000.	120000	No
env.custom_environment_variables	Set the custom variables for your environment. For example, to set the timezone for the pod, you might enter: `-key: TZ` `value: Europe/Warsaw`		No
images.db_job.repository	Image name for the Application Engine database job container. By default, the path points to the URL and location in the IBM Entitled Registry. The default value is `<path>/solution-server-helmjob-db` where `<path>` is `cp.icr.io/cp/cp4a/aae/`. If `sc_image_repository` has a value, the path is that value.	`<path>/solution-server-helmjob-db`	No
images.db_job.tag	Image tag for the Application Engine database job container. If you want to use a specific image version, you can override the default tag or digest.	`21.0.3`	No
images.solution_server.repository	Image name for the Application Engine container. By default, the path points to the URL and location in the IBM Entitled Registry. The default value is `<path>/solution-server` where `<path>` is `cp.icr.io/cp/cp4a/aae/`. If `sc_image_repository` has a value, the path is that value.	`<path>/solution-server`	No
images.solution_server.tag	Image tag for the Application Engine container. If you want to use a specific image version, you can override the default tag or digest.	`21.0.3`	No
max_age.auth_cookie	Maximum age of an authentication cookie. The default value is 900000.	900000	No
max_age.csrf_cookie	Maximum age of a Cross-Site Request Forgery (CSRF) cookie. The default value is 3600000.	3600000	No
max_age.static_asset	Maximum age of a static asset cache. The default value is 2592000.	2592000	No
max_age.hsts_header	The HTTP Strict-Transport-Security response header (often abbreviated as HSTS). The default value is 2592000.	2592000	No
probe.liveness.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1. The default value is 5.	5	No
probe.liveness.initial_delay_seconds	Number of seconds after the container starts before the liveness probe is initiated. The default value is 60.	60	No
probe.liveness.period_seconds	How often to do the liveness probe (in seconds). The default value is 10.	10	No
probe.liveness.timeout_seconds	Number of seconds after which the probe times out. The default value is 180.	180	No
probe.liveness.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1. The default value is 1.	1	No
probe.readiness.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1. The default value is 5.	5	No
probe.readiness.initial_delay_seconds	Number of seconds after the container starts before the readiness probe is initiated. The default value is 10.	10	No
probe.readiness.period_seconds	How often to do the readiness probe (in seconds). The default value is 10.	10	No
probe.readiness.timeout_seconds	Number of seconds after which the probe times out. The default value is 180.	180	No
probe.readiness.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1. The default value is 1.	1	No
redis.host	Hostname of the Remote Dictionary Server (Redis) database that is used by Application Engine		No
redis.port	Port number of the Redis database that is used by Application Engine		No
redis.ttl	Time To Live for the session in the Redis database. The default value is 1800.	1800	No
redis.tls_enabled	Whether to enable TLS connection for Redis. If yes, set it to `true`, and put your redis server CA certificate in tls_trust_list or trusted_certificate_list of your custom resource. The default value is `false`.	`false`	No
redis.username	Redis username. If you are using Redis V6 or later, fill in this field. Otherwise, leave this field empty.		No
resource_ae.limits.cpu	Maximum amount of CPU that is required for the Application Engine container. The default value is `500m`.	`500m`	No
resource_ae.limits.memory	Maximum amount of memory that is required for the Application Engine container. The default value is `1Gi`.	`1Gi`	No
resource_ae.requests.cpu	Minimum amount of CPU that is required for the Application Engine container. The default value is `300m`.	`300m`	No
resource_ae.requests.memory	Minimum amount of memory that is required for the Application Engine container. The default value is `256Mi`.	`256Mi`	No
resource_init.limits.cpu	Maximum amount of CPU that is required for the Application Engine init container. The default value is `500m`.	`500m`	No
resource_init.limits.memory	Maximum amount of memory that is required for the Application Engine init container. The default value is `256Mi`.	`256Mi`	No
resource_init.requests.cpu	Minimum amount of CPU that is required for the Application Engine init container. The default value is `100m`.	`100m`	No
resource_init.requests.memory	Minimum amount of memory that is required for the Application Engine init container. The default value is `128Mi`.	`128Mi`	No
session.check_period	(For non-external session store) Interval to purge expired sessions from the session store. The default value is 3600000.	3600000	No
session.duration	(For non-external session store) Time to live for the session. The default value is 1800000.	1800000	No
session.max	(For non-external session store) Maximum number of sessions stored. The default value is 10000.	10000	No
session.resave	Whether to enable session resaving. The default value is `false`.	`false`	No
session.rolling	Whether to enable session rolling. The default value is `true`.	`true`	No
session.save_uninitialized	Whether to save uninitialized sessions. The default value is `false`.	`false`	No
session.use_external_store	Use an external store for storing sessions. The default value is `false`.	`false`	No
server_locale	Locale of the server. The default value is `en`.	`en`	No
share_storage. enabled	Shared storage to share the file upload cache among servers for Application Engine. The default value is `true`.	`true`	No
share_storage. pvc_name	PVC for the Application Engine shared storage		No
share_storage.auto_provision.enabled	Dynamic provisioner to provision the PVs and PVCs. The default value is `true`.	`true`	No
share_storage. auto_provision.storage_class	The dynamic storage classname for provisioning the PVs and PVCs		No
share_storage. auto_provision.size	Storage size for the PVs for Application Engine. The default value is `20Gi`.	`20Gi`	No
tls.tls_trust_list	Trusted certificate secret names. Application Engine trusts those certificates for communication. The default value is `[]`.	`[]`	No
log_storage.enabled	Log storage to store the logs for Application Engine. The default value is `true`.	`true`	No
log_storage.pvc_name	The name of the persistent volume claim (PVC) for log storage. The default value is `cp4a-shared-log-pvc`.	`cp4a-shared-log-pvc`	No
log_storage.log_file_size	Storage size for the PVs for log storage. The default value is `20M`.	`20M`	No
log_storage.log_rotate_size	Save up to the maximum files. The default value is 5.	5	No
log_storage.auto_provision.enabled	Dynamic provisioner to provision the PVs and PVCs for log storage. The default value is `true`.	`true`	No
log_storage. auto_provision.storage_class	The dynamic storage classname for provisioning the PVs and PVCs for log storage		No
log_storage. auto_provision.size	Storage size for the PVs for log storage. The default value is `5Gi`.	`5Gi`	No

Resource Registry parameters

The following table lists the parameters for configuring Resource Registry. All parameters are optional.

Table 2. Resource Registry parameters (resource_registry_configuration)
Parameter name	Description	Example values
admin_secret_name	Existing Resource Registry administrative secret for sensitive configuration data. The default value is `<CR name>-rr-admin-secret`.	`<CR name>-rr-admin-secret`
hostname	rr-route hostname. If the hostname is not set, a default hostname with the following format is used. `rr-<shared_configuration.sc_deployment_hostname_suffix>` This parameter is used only by stand-alone Business Automation Workflow on containers.
port	Resource Registry port for using the NodePort service. The default value is 443.	`443`
replica_size	Number of etcd nodes in the cluster. The default value is `1`.	`1`
images.resource_registry.repository	Repository and name of the Resource Registry image. By default, the path points to the URL and location in the IBM Entitled Registry. The default value is `<path>/dba-etcd` where `<path>` is `cp.icr.io/cp/cp4a/aae/`. If `sc_image_repository` has a value, the path is that value.	`<path>/dba-etcd`
images.resource_registry.tag	Tag name of the Resource Registry image. .If you want to use a specific image version, you can override the default tag or digest.	`21.0.3`
tls.tls_secret	Existing TLS secret that contains tls.key and tls.crt
probe.liveness.initial_delay_seconds	Number of seconds after the container starts before the liveness probe is initiated. The default value is 60.	60
probe.liveness.period_seconds	How often (in seconds) to perform the probe. The default value is 10.	10
probe.liveness.timeout_seconds	Number of seconds after which the probe times out. The default value is 5.	5
probe.liveness.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1. The default value is 1.	1
probe.liveness.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1. The default value is 3.	3
probe.readiness.initial_delay_seconds	Number of seconds after the container starts before the readiness probe is initiated. The default value is 10.	10
probe.readiness.period_seconds	How often (in seconds) to perform the probe. The default value is 10.	10
probe.readiness.timeout_seconds	Number of seconds after which the probe times out. The default value is 5.	5
probe.readiness.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1. The default value is 1.	1
probe.readiness.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1. The default value is 3.	3
resources.limits.cpu	CPU limit for Resource Registry configuration. The default value is `500m`.	`500m`
resources.limits.memory	Memory limit for Resource Registry configuration. The default value is `512Mi`.	`512Mi`
resources.requests.cpu	Requested CPU for Resource Registry configuration. The default value is `100m`.	`100m`
resources.requests.memory	Requested memory for Resource Registry configuration. The default value is `256Mi`.	`256Mi`
auto_backup.enable	Whether to enable automatic backup for Resource Registry. If you enable automatic backup, you must create a persistent volume (PV). See Optional: Implementing storage. The default value is `true`.	`true`
auto_backup.minimal_time_interval	Minimal time interval for automatic backup. The default value is 300.	300
auto_backup.pvc_name	The name of the persistent volume claim (PVC) for automatic backup. The default value is `<name>-dba-rr-pvc`.	`<name>-dba-rr-pvc`
auto_backup.log_pvc_name	The name of the persistent volume claim (PVC) for log storage for automatic backup. The default value is `cp4a-shared-log-pvc`.	`cp4a-shared-log-pvc`
auto_backup.dynamic_provision.enable	Whether to enable dynamic provisioning to provision the PVs and PVCs. The default value is `true`.	`true`
auto_backup.dynamic_provision.size	Storage size for PVs. The default value is `3Gi`.	`3Gi`
auto_backup.dynamic_provision.size_for_logstore	Storage size for PVs of log store
auto_backup.dynamic_provision.storage_class	Dynamic storage class name to provision the PVs and PVCs. The default value is `{{ shared_configuration.storage_configuration.sc_fast_file_storage_classname }}`.	`{{ shared_configuration.storage_configuration.sc_fast_file_storage_classname }}`