Customizing the configuration file

Customize the event emitter configuration file to provide the information needed to communicate with the Kafka services deployed for Business Automation Insights.

About this task

The FileNet® Content Manager event emitter sends events in JSON format. These events are stored in Kafka. You can customize the configuration file based on the Kafka instance that is provided by Business Automation Insights.

Procedure

  1. Extract the BAI configuration information from your chosen BAI deployment.

    You need to extract and import configuration information, secrets, and certificates from the chosen BAI deployment into your CPE deployment in the Content Cortex container environment. You can package the configuration information into a zip file (for example, BAI_Kafka_config.zip). Make sure that the zip file containing BAI configuration information is available in the machine where you want to enable BAI in the Content Platform Engine. When the file exists in the client machine where you want to enable BAI, you can configure the CPE deployment to connect to the BAI Kafka services.

    For more information, see topic Preparing to enable Business Automation Insights.

  2. In a temporary working directory, create a configuration file and name it configuration with no extension.
  3. Within the folder, copy and extract the BAI configuration information from the zip file that you created in Step 1.
  4. Edit the configuration file with a text editor and define security settings such as for an SSL keystore and truststore, or for an SASL_SSL truststore.
    Use the following example as a model for the contents of the configuration file:
    contentemitter.input.content.server=${CPE_HOSTNAME}
contentemitter.output.kafka.topic=${KAFKA_TOPIC}
contentemitter.output.kafka.bootstrap.servers=${KAFKA_HOST}:{PORT}
contentemitter.output.kafka.security.protocol=SASL_SSL
contentemitter.output.kafka.ssl.truststore.location=${KAFKA_BROKERS_TRUSTSTORE_FILE}
contentemitter.output.kafka.ssl.truststore.password=${KAFKA_BROKERS_TRUSTSTORE_PASSWORD}
contentemitter.output.kafka.ssl.enabled.protocols=TLSv1.2,TLSv1.3
contentemitter.output.kafka.ssl.truststore.type=PKCS12
contentemitter.output.kafka.ssl.endpoint.identification.algorithm=
contentemitter.output.kafka.sasl.mechanism=SCRAM-SHA-512
contentemitter.output.kafka.sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="${JAAS_CLIENT_USERNAME}" password="${JAAS_CLIENT_USER_PASSWORD}";
    Note: Hostname Verification
    The contentemitter.output.kafka.ssl.endpoint.identification.algorithm fields are optional. If you experience problems with authenticating to Kafka and observe that removing these fields resolves the authentication problem, you can disable the server hostname verification. Set the contentemitter.output.kafka.ssl.endpoint.identification.algorithm parameter to an empty string. Example: 
    contentemitter.output.kafka.ssl.endpoint.identification.algorithm=
    Use the following information to complete any information missing in the template as indicated by the presence of a variable that appears as "${}":
    contentemitter.input.content.server
    A unique label to identify the source that the emitted the event. Labels could be based on the CPE server hostname, or an identifier to convey an organizational unit such as Sales or Marketing. Must be one word with no white space. Special characters allowed include hyphen and period.
    contentemitter.output.kafka.topic
    The name of the Kafka topic where raw content events are stored. For BAI deployments in IBM Cloud Pak for Business Automation, specify the default topic name icp4ba-bai-content-ingress. For standalone BAI deployments, specify the default topic name icp4ba-bai-content-ingress
    contentemitter.output.kafka.bootstrap.servers
    The list of Kafka servers that is used to bootstrap connections to Kafka. For connecting to a Kafka cluster, this list must be in the format of host1:port1,host2:port2. These servers, which might change dynamically, are used for the initial connection to discover the full cluster membership. This list does not need to contain the full set of servers. You might want to list more than one server in case one is down. You can find the bootstrap servers as the value for the key 'external_bootstrap_servers' in the extracted file BAI_Kafka_config/bai_kafka_info.txt.
    contentemitter.output.kafka.security.protocol
    The value is SASL_SSL.
    contentemitter.output.kafka.ssl.truststore.location
    The full path to the truststore where the Kafka server certificate was imported. Default path for a traditional WebSphere node is C:\\Program Files\\IBM\WebSphere\\AppServer\\profiles\\AppSrv01\\config\\cells\\backend1Cell01\\nodes\\backend1Node01\\trust.p12.
    Note: For a Windows environment, you need to include "\\" in the configuration file path instead of "\".
    contentemitter.output.kafka.ssl.truststore.password
    The password to the truststore where the Kafka server certificate was imported.
    contentemitter.output.kafka.ssl.enabled.protocols
    The list of protocols enabled for TLS connections separated by commas. The default value is TLSv1.2,TLSv1.3 but can also be TLSv1.2 or TLSv1.3.
    Note: The Content event emitter does not support using TLSv1.3 with IBM Java 8 on traditional WebSphere Application Server.
    contentemitter.output.kafka.ssl.truststore.type
    The file format of the truststore file.
    contentemitter.output.kafka.ssl.endpoint.identification.algorithm
    Leave value blank (unassigned).
    contentemitter.output.kafka.sasl.mechanism
    The value is SCRAM-SHA-512.
    contentemitter.output.kafka.sasl.jaas.config
    The template is org.apache.kafka.common.security.scram.ScramLoginModule and the required username=\"<username>\" password=\"<userpassword>\";".
    • The username value is the Kafka username.
    • The user password value is the Kafka password.
    Tip: You can find the username and password values for the BAI Kafka connection in the extracted BAI_Kafka_config/bai_kafka_secret.yaml file. You can use the following command to view the values in plain text:
    base64 -d <<< “<value>”
  5. Copy the configuration file to all other nodes where the FileNetEngine application is deployed.
    The file system path can either be on a network directory, or on the local file system. If the path is on the local file system and the Content Platform Engine Server is in a cluster deployment, all servers in the cluster must have the same folder and the same path.