Configuring the params.ini file

The specified configuration parameter determines the deployment environment for the application. If set to true, it indicates that the installation is being performed on a VM. Conversely, if this option is not set or is set to false, the deployment will be executed on a Kubernetes cluster. This setting is crucial in distinguishing between the two deployment environments, ensuring that the application is properly configured and installed according to the chosen environment.

The INSTALL_CONCERT parameter is a configuration option that controls whether Concert should be installed as part of the deployment process. If set to true, Concert will be installed, while a value of false or keeping blank this variable will result in Concert not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert based on specific requirements or use cases.

The INSTALL_DATAAPPS parameter is a configuration option that controls whether Concert Data Apps should be installed as part of the deployment process. If set to true, Concert Data Apps will be installed, while a value of false or keeping blank this variable will result in Concert Data Apps not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert Data Apps based on specific requirements or use cases.

The INSTALL_WORKFLOWS parameter is a configuration option that controls whether Concert Workflows should be installed as part of the deployment process. If set to true, Concert Workflows will be installed, while a value of false or keeping blank this variable will result in Concert Workflows not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert Workflows based on specific requirements or use cases.

The INSTALL_SECURECODER parameter is a configuration option that controls whether Secure Coder should be installed as a part of the deployment process. By default, this parameter is set to false, which means Secure Coder is disabled. If set to true, Secure Coder will be enabled, providing integration with Mend for security and vulnerability scanning.

This flag is used to specify the user for the registry. By default, this user is set to cp, indicating that if no alternative user is specified, cp will be used as the default registry user.

Specifies the registry where container images are hosted, serving as a crucial indicator for image storage and retrieval. By default, the value is set to cp.icr.io/cp, which points to a specific registry location. This default value can be modified to point to a different registry if needed, allowing for flexibility in managing container images across various environments.

By default, when you run the installation script on a VM, the installation script checks for sufficient free disk space on a VM to ensure a successful installation. To skip this check, you can set the parameter to TRUE. This allows the installation to proceed without verifying the available disk space.

Optional: The HUB_URL parameter is a configuration setting that specifies the URL of an existing Hub. This parameter is used when installing the products to an existing Hub, rather than installing a fresh Hub instance. This means that the installation process will not include the setup of a fresh Hub instance. Instead, the system will be configured to connect to an existing Hub at a specified URL. If the HUB_URL is empty, then Hub will be installed with the deployment.

This flag indicates the registry where the Hub images are hosted. The params.ini file has a default image registry suffix value of /platform-hub. You should not modify this value, as /platform-hub is a fixed setting for your installation.

Optional: The HUB_ACCESS_KEY parameter is a required configuration setting when the HUB_URL is set. This means that if the HUB_URL is provided, The HUB_ACCESS_KEY must also be specified in order to authenticate and authorize access to the existing Hub.

Optional: The HUB_HTTPS_PORT is a configuration setting that specifies the port number used for secure access to the Hub. A default HTTPS port for Hub is set to 12443. You can customize this port by setting a different port number, if required.

The HUB_SYSTEMD_ENABLE parameter is used to control whether systemd should be enabled in Hub. To enable systemd, set the value of HUB_SYSTEMD_ENABLE to y.

Indicates the registry where the Concert images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Indicates the registry where the Concert Data Apps images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Indicates the instance address, which is the fully qualified domain name (FQDN) (e.g., hostname.domain.com) of the VM where Concert Workflows is hosted.

To find the FQDN, you can use commands such as hostname -f on Linux® systems, which returns the FQDN of the host. The FQDN is a complete domain name for a host on a network, and it includes both the hostname and the domain name. For example, if the hostname of your VM is concert-vm and it is part of the domain example.com, the FQDN would be concert-vm.example.com.

Optional: The WORKFLOWS_ENABLE_FAAS parameter is an optional configuration setting that controls whether FaaS functionality is enabled for Concert Workflows. By default, this parameter is set to true, which means FaaS functionality is enabled. If required, you can set to false, then the FaaS functionality will be disabled. This parameter allows for flexibility in Concert Workflows configuration, enabling or disabling FaaS support based on specific requirements or use cases.

Optional: The WORKFLOWS_FAAS_NS parameter is utilized to specify the namespace for FaaS components. By default, this namespace is set to faas. If required, you can set the FaaS namespace value.

Optional: The WORKFLOWS_ENABLE_ISTIO parameter is an optional configuration setting that controls whether Istio is enabled for mutual Transport Layer Security (mTLS). By default, this parameter is set to false, which means Istio is disabled. If set to true, Istio will be enabled, providing mTLS capabilities for secure communication between services.

Optional: Specifies the namespace where Concert Workflows will be installed. By default, the Concert Workflows will be installed in the concert-workflows namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

Optional: Indicates the file path of the custom values configuration file created, which is used to customize AI model settings.

By default, this parameter is set to true. It enables a Concert Workflows worker to pause its running workflows and save the workflow state to the database before it is terminated. To force workers to complete their workflows before termination, set this parameter to false.

Before a Concert Workflows worker is terminated, it pauses the workflows that it is running. To prevent workflows from being paused indefinitely, a timeout period is applied. If a workflow is still paused when the timeout is reached, the workflow is terminated. Use this parameter to define the termination timeout period in seconds for local workers. The default timeout period is 1800 seconds (30 minutes).

When a worker runs a workflow, it generates a user-scoped token to impersonate the user that triggered the workflow. The worker uses this token to fetch workflow definitions and authentication objects. Use this parameter to define the validity period of the token. The default validity period is 3600 seconds (1 hour).

Indicates the registry where the Securecoder images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Optional: Specifies the namespace where Securecoder will be installed. By default, the Securecoder will be installed in the concert-securecoder namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

If you want to enable Concert Buddy to use the Secure Coder browser experience, set this value to true or set it to false to disable it. By default, Concert Buddy is disabled.

If ENABLE_BUDDY is true, set this value to pass the storage class name for Concert.

Secure Coder offers a workspace scans feature, which utilizes the MendCLI tool to provide Static Application Security Testing (SAST) and Software Composition Analysis (SCA) scans. By default, this parameter is set to false, which means Mend scanning is disabled. If set to true, enables Mend SAST or OSS scanner integration.

If SECURECODER_MEND_ENABLED is true, set this value to the Mend organiszation name. This is the organization identifier in your Mend account, for example: my-company-org.

If SECURECODER_MEND_ENABLED is true, set this value to the Mend product name.

If SECURECODER_MEND_ENABLED is true, set this value to the Mend service endpoint URL, for example: https://app.mend.io.

If SECURECODER_MEND_ENABLED is true, set this value to the email address associated with your Mend account, for example: security-team@company.com.

If SECURECODER_MEND_ENABLED is true, set this value to the name of the Mend project associated with the deployment.

If SECURECODER_MEND_ENABLED is true, set this value to the URL of the watsonx.ai instance, for example: https://us-south.ml.cloud.ibm.com.

If SECURECODER_MEND_ENABLED is true and your chosen provider is watsonx, set this value to the ID of the watsonx.ai project that you want to use.

Optional: If SECURECODER_MEND_ENABLED is true and your chosen provider is watsonx, you can set this value to the watsonx.ai model that is used. The default value for this attribute is "ibm/granite-4-h-small", which represents IBM's Granite-4.0-H-Small model.

If ENABLE_AI is true and your chosen provider is watsonx, set this value to the ID of the watsonx.ai project that you want to use.

Your Concert license entitles you to use an instance of watsonx.ai via IBM Cloud Pak for Data. If ENABLE_AI is true, your chosen provider is watsonx, and you want to connect to this instance, set this value to the username that IBM Cloud Pak for Data uses to authenticate to the watsonx.ai instance.

Optional: If ENABLE_AI is true and your chosen provider is watsonx, you can set this value to the watsonx.ai model that is used. The default value for this attribute is "ibm/granite-4-h-small", which represents IBM's Granite-4.0-H-Small model.

Optional: If ENABLE_AI is true and your chosen provider is watsonx, you can set this value to the IBM watsonx.ai version that is used. The default value, and only valid value, is "2024-03-14".

Optional: If ENABLE_AI is true and your chosen provider is watsonx, and the watsonx.ai instance is a dedicated one, you can set this value to the instance ID.

Set the value to true or false. The flag INSTALL_EKS determines whether the installation should proceed on an EKS cluster or an OCP cluster. If you unset the parameter or setting the value to false indicates that the installation should be performed on an OCP cluster instead of an EKS cluster. Set the value INSTALL_EKS=true, if you want to install these applications on an EKS cluster.

INSTALL_CONCERT

The INSTALL_CONCERT parameter is a configuration option that controls whether Concert should be installed as part of the deployment process. If set to true, Concert will be installed, while a value of false or keeping blank this variable will result in Concert not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert based on specific requirements or use cases.

INSTALL_DATAAPPS

The INSTALL_DATAAPPS parameter is a configuration option that controls whether Concert Data Apps should be installed as part of the deployment process. If set to true, Concert Data Apps will be installed, while a value of false or keeping blank this variable will result in Concert Data Apps not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert Data Apps based on specific requirements or use cases.

INSTALL_WORKFLOWS

The INSTALL_WORKFLOWS parameter is a configuration option that controls whether Concert Workflows should be installed as part of the deployment process. If set to true, Concert Workflows will be installed, while a value of false or keeping blank this variable will result in Concert Workflows not being installed. This setting allows for flexibility in the installation process, enabling or disabling the installation of Concert Workflows based on specific requirements or use cases.

This flag is used to specify the user for the registry. By default, this user is set to cp, indicating that if no alternative user is specified, cp will be used as the default registry user.

The flag is used to specify the registry where container images are hosted, serving as a crucial indicator for image storage and retrieval. By default, the value is set to cp.icr.io/cp, which points to a specific registry location. This default value can be modified to point to a different registry if needed, allowing for flexibility in managing container images across various environments. This provides a reference point for the system to locate and access the required container images.

HUB_URL

Optional: The HUB_URL parameter is a configuration setting that specifies the URL of an existing Hub. This parameter is used when installing the products to an existing Hub, rather than installing a fresh Hub instance. This means that the installation process will not include the setup of a fresh Hub instance. Instead, the system will be configured to connect to an existing Hub at a specified URL. If The HUB_URL is empty, then Hub will be installed with the deployment.

HUB_HTTPS_PORT

Optional: The HUB_HTTPS_PORT is a configuration setting that specifies the port number used for secure access to the Hub. A default HTTPS port for Hub is set to 12443. You can customize this port by setting a different port number, if required.

HUB_ACCESS_KEY

Optional: The HUB_ACCESS_KEY parameter is a required configuration setting when the HUB_URL is set. This means that if the HUB_URL is provided, the HUB_ACCESS_KEY must also be specified in order to authenticate and authorize access to the existing Hub.

Specifies the Kubernetes namespace where Hub will be installed. By default, Hub will be installed in the platform-hub namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

This flag indicates the registry where the Hub images are hosted. The params.ini file has a default image registry suffix value of /solis-hub. You should not modify this value, as /solis-hub is a fixed setting for your installation.

Optional: This flag is used to set the scaling configuration level for a Hub instance. The default value for this flag is level_1, but it can be adjusted to level_2, level_3 or level_4 as needed. This allows users to control the scaling of their Hub instance, with higher levels providing more resources and capacity.

This flag sets the storage class for storing Hub data. Add the storage class name where the data is stored. Specify the storage class name you are using to store Hub data.

Specifies the Kubernetes namespace where Concert will be installed. By default, Concert will be installed in the concert namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

This flag indicates the registry where the Concert images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Optional: This flag sets the scaling configuration level for Your Concert instance. The default value for this flag is level_1, but it can be adjusted to level_2, level_3 or level_4 as needed. For more information, refer to Scaling resources for a Kubernetes deployment.

This flag sets the storage class for storing Concert data. Give the storage class name you are using to store Concert data.

Specifies the Kubernetes namespace where Concert Data Apps will be installed. By default, Concert Data Apps will be installed in the concert-dataapps namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

This flag indicate the registry where the Concert Data Apps images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Optional: This flag sets the scaling configuration level for your Concert Data Apps instance. The default value for this flag is level_1. Concert Data Apps only supports level_1 scale configuration.

This flag sets the storage class for storing Concert Data Apps data. Give the storage class name you are using to store Concert Data Apps data.

Specifies the Kubernetes namespace where Concert Workflows will be installed. By default, Concert Workflows will be installed in the concert-workflows namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

This flag indicates the registry where the Concert Workflows images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

The flag indicates the Concert Workflows instance address, which is the fully qualified domain name (FQDN) of the cluster where Concert Workflows is hosted. An example of this address would be hostname.domain.com. To find the FQDN, you can use commands such as hostname -f on Linux systems, which returns the FQDN of the host. The FQDN is a complete domain name for a host on a network, and it includes both the hostname and the domain name.

WORKFLOWS_ENABLE_FAAS

Optional: The WORKFLOWS_ENABLE_FAAS parameter is an optional configuration setting that controls whether FaaS functionality is enabled for Concert Workflows. By default, this parameter is set to true, which means FaaS functionality is enabled. If required, you can set to false, then the FaaS functionality will be disabled. This parameter allows for flexibility in Concert Workflows configuration, enabling or disabling FaaS support based on specific requirements or use cases.

WORKFLOWS_FAAS_NS

Optional: The WORKFLOWS_FAAS_NS parameter is utilized to specify the namespace for FaaS components. By default, this namespace is set to faas. If required, you can set the FaaS namespace value.

WORKFLOWS_ENABLE_ISTIO

Optional: The WORKFLOWS_ENABLE_ISTIO parameter is an optional configuration setting that controls whether Istio is enabled for mutual Transport Layer Security (mTLS). By default, this parameter is set to false, which means Istio is disabled. If set to true, Istio will be enabled, providing mTLS capabilities for secure communication between services.

Optional: This flag indicates the file path of the custom values configuration file created, which is used to customize AI model settings.

WORKFLOWS_INSTALL_ALL_INTEGRATIONS

By default, this parameter is set to true. It enables a Concert Workflows worker to pause its running workflows and save the workflow state to the database before it is terminated. To force workers to complete their workflows before termination, set this parameter to false.

Before a Concert Workflows worker is terminated, it pauses the workflows that it is running. To prevent workflows from being paused indefinitely, a timeout period is applied. If a workflow is still paused when the timeout is reached, the workflow is terminated. Use this parameter to define the termination timeout period in seconds for local workers. The default timeout period is 1800 seconds (30 minutes).

When a worker runs a workflow, it generates a user-scoped token to impersonate the user that triggered the workflow. The worker uses this token to fetch workflow definitions and authentication objects. Use this parameter to define the validity period of the token. The default validity period is 3600 seconds (1 hour).

Indicates the registry where the Securecoder images are hosted. The params.ini file has a default image registry suffix value of /concert. You should not modify this value, as /concert is a fixed setting for your installation.

Specifies the Kubernetes namespace where Securecoder will be installed. By default, Securecoder will be installed in the concert-securecoder namespace. Leave this parameter unset to use the default namespace. If you cannot use the default namespace, set your own namespace value.

Secure Coder offers a workspace scans feature, which utilizes the MendCLI tool to provide Static Application Security Testing (SAST) and Software Composition Analysis (SCA) scans. By default, this parameter is set to false, which means Mend scanning is disabled. If set to true, enables Mend SAST or OSS scanner integration.

If SECURECODER_MEND_ENABLED is true, set this value to the Mend organiszation name. This is the organization identifier in your Mend account, for example: my-company-org.

If SECURECODER_MEND_ENABLED is true, set this value to the Mend service endpoint URL, for example: https://app.mend.io.

If SECURECODER_MEND_ENABLED is true, set this value to the email address associated with your Mend account, for example: security-team@company.com.

If SECURECODER_MEND_ENABLED is true, set this value to the name of the Mend project associated with the deployment.

If SECURECODER_MEND_ENABLED is true, set this value to the URL of the watsonx.ai instance, for example: https://us-south.ml.cloud.ibm.com.

If SECURECODER_MEND_ENABLED is true and your chosen provider is watsonx, set this value to the ID of the watsonx.ai project that you want to use.

Optional: If SECURECODER_MEND_ENABLED is true and your chosen provider is watsonx, you can set this value to the watsonx.ai model that is used. The default value for this attribute is "ibm/granite-4-h-small", which represents IBM's Granite-4.0-H-Small model.

If ENABLE_AI is true and your chosen provider is watsonx, set this value to the ID of the watsonx.ai project that you want to use.

Your Concert license entitles you to use an instance of watsonx.ai via IBM Cloud Pak for Data. If ENABLE_AI is true, your chosen provider is watsonx, and you want to connect to this instance, set this value to the username that IBM Cloud Pak for Data uses to authenticate to the watsonx.ai instance.

Optional: If ENABLE_AI is true and your chosen provider is watsonx, you can set this value to the watsonx.ai model that is used. The default value for this attribute is "ibm/granite-4-h-small", which represents IBM's Granite-4.0-H-Small model.

Optional: If ENABLE_AI is true and your chosen provider is watsonx, you can set this value to the IBM watsonx.ai version that is used. The default value, and only valid value, is "2024-03-14".

Optional: If ENABLE_AI is true and your chosen provider is watsonx, and the watsonx.ai instance is a dedicated instance, you can set this value to the instance ID.