Configuration
The configuration settings for ITX Runtime Server instance can be broken down into following logical groups:
- Resource utilization (memory, CPU, storage, replica count)
- Redis configuration (host, port, password, etc.)
- Map settings (map threads, file extension, etc.)
- Storage settings (storage class, capacity, dynamic vs. static binding, etc.)
- General settings (service account, license, custom environment variables, replica count)
- Probe settings (liveness, readiness)
- Logging (log severity, log name uniqueness, log targets, etc.)
- TLS configuration (certificates, keys, etc.)
| Property | Description |
|---|---|
| Licensing | |
| license.accept | Switch with true/false values for accepting the terms and conditions of the license agreement |
| General | |
| general.serviceAccountName | Name of the ServiceAccount object to use for the installation. If left empty, the default service account is used |
| general.replicaCount | Number of ITX Runtime Server replica pods to deploy and run |
| general.env | Name of an optional ConfigMap containing keys/value to set as environment variable names/values when creating the pods |
| general.runMode | Selection of mode (fenced/unfenced). In fenced mode the REST service process and the worker map execution process are separate processes, and in unfenced mode they run in the same process |
| general.matchNodeLabel.name | Name of the label of the worker nodes to which the pods must be deployed |
| general.matchNodeLabel.value | Value of the label of the worker nodes to which the pods must be deployed |
| Image Settings | |
| image.repository | Image registry and repository location |
| image.digest | Image digest value, which takes priority over image tag value |
| image.tag | Image tag value |
| image.pullPolicy | Image pull policy, one of Always, Never and IfNotPresent |
| image.secret | Name of the pull image Secret object with which to configure the ServiceAccount for pulling images |
| Probes Settings | |
| probes.liveness.enabled | Switch with true/false values to enable/disable liveness probe |
| probes.liveness.initialDelaySeconds | Number of seconds to wait before making the initial liveness probe call |
| probes.liveness.periodSeconds | Number of seconds between liveness probe calls |
| probes.liveness.timeoutSeconds | Number of seconds after which the liveness probe call times out |
| probes.readiness.enabled | Switch with true/false values to enable/disable readiness probe |
| probes.readiness.initialDelaySeconds | Number of seconds to wait before making the initial readiness probe call |
| probes.readiness.periodSeconds | Number of seconds between readiness probe calls |
| probes.readiness.timeoutSeconds | Number of seconds after which the readiness probe call times out |
| Map Run Settings | |
| map.fileExtension | File extension for compiled maps. The default is .lnx which matches the default extension ITX Design Studio used for the maps compiled for the Linux 64 platform |
| map.unloadTimeMinutes | Time in minutes to keep loaded maps in memory |
| map.maxThreads | Maximum number of threads to spawn for running maps concurrently |
| syncTimeoutSeconds | Synchronous map execution timeout in seconds |
| map.disableCaching | Switch to disable map caching in the Runtime Server |
| map.allAttachments | Switch to include/exclude all attachments in the multi-part body response |
| Logging | |
| log.accessLog.level | Severity level for REST API access logs (none, all) |
| log.accessLog.days | Number of days to keep access logs |
| log.serverLog.level | Severity level for the REST server logs (none, failures, info, all) |
| log.serverLog.days | Number of days to keep server logs |
| log.serviceLog.level | Severity level for the REST service (application) logs (none, failures, info, all) |
| log.serviceLog.days | Number of days to keep service logs |
| log.serviceLog.stdErr | Switch with true/false values to enable logging service messages to standard error, in addition to logging them to log files. |
| log.execLog.days | Severity level for the map execution worker logs (none, failures, info, all) |
| log.execLog.fileCount | Number of files to keep in the map execution circular log |
| log.execLog.fileSizeKiB | Size limit in kilobytes for map execution log files. After the limit is passed, a new file is created in the circular log. |
| log.execLog.stdErr | Switch with true/false values to enable logging map execution messages to standard error, in addition to logging them to log files. |
| log.jniLog.level | Severity level for the Java Native Interface (JNI) component (none, failures, info, all) |
| log.cmgrLog.level | Severity level for the Connection Manager component (none, failures, info, all) |
| Resource Registry | |
| resourceRegistry.configFile | Full path, starting with /data, of the optional ITX resource registry file, if it was previously uploaded |
| Redis Settings | |
| redis.host | Redis host name. Must be a resolvable name on the current network. |
| redis.port | Redis port number (default is 6379) |
| redis.timeoutSeconds | Redis connection timeout in seconds |
| redis.secret | Name of the Secret object containing the Redis password, when accessing a password-enabled Redis service |
| redis.stem | Key prefix to use for all Redis keys produced and consumed by the server |
| redis.catalogCacheEnabled | Switch with true/false values to enable/disable caching cataloged map entries when registering and running cataloged maps |
| Resource Constraints | |
| resources.enabled | Switch with true/false values to enable/disable setting CPU and memory constraints |
| resources.requests.cpu | Requested number of CPU cores or millicores (using m suffix) |
| resources.requests.memory | Requested memory in bytes (with optional base-10 suffix like M or G, or base-2 suffix, like Mi or Gi |
| resources.limits.cpu | Upper limit number of CPU cores or millicores (using m suffix) |
| resources.limits.memory | Upper limit for memory in bytes (with optional base-10 or base-2 suffix, like Gi for gigabytes) |
| Persistent Volumes | |
| persistence.fsGroup | Filesystem group id for persistent volume operations, when not managed by the cluster |
| persistence.data.capacity | Capacity to request for data persistent volume. Base-10 suffixes like M and G, or base-2 suffixes like Mi and Gi can be used. |
| persistence.data.accessMode | Access mode to specify for the data persistent volume. It can be set to ReadWriteMany or ReadWriteOnce |
| persistence.data.useDynamicProvisioning | Switch with true/false values to enable/disable dynamic provisioning for the data persistent volume |
| persistence.data.storageClassName | Name of the storage class supported by the cluster to use for provisioning the data persistent volume |
| persistence.data.matchVolumeLabel.name | Name of the label to search for on the pre-defined data persistent volumes when selecting the one to bind when dynamic provisioning is disabled |
| persistence.data.matchVolumeLabel.value | Value of the specified persistent volume label to match for selecting it as the data persistent volume |
| persistence.logs.accessMode | Access mode to specify for the logs persistent volume. It can be set to ReadWriteMany or ReadWriteOnce |
| persistence.logs.useDynamicProvisioning | Switch with true/false values to enable/disable dynamic provisioning for the logs persistent volume |
| persistence.logs.storageClassName | Name of the storage class supported by the cluster to use for provisioning the logs persistent volume |
| persistence.logs.matchVolumeLabel.name | Name of the label to search for on the pre-defined logs persistent volume when selecting the one to bind when dynamic provisioning is disabled |
| persistence.logs.matchVolumeLabel.value | Value of the specified persistent volume label to match for selecting it as the logs persistent volume |
| SSL Settings | |
| ssl.enabled | Switch with true/false values to enable/disable use of HTTPS protocol on the ITX Runtime Server pods |
| ssl.serviceServingCertificates | Switch with true/false values to enable/disable OpenShift service serving certificates for securing service traffic |
| ssl.clientAuth | Switch with true/false values to enable/disable validation of certificate presented by the REST API callers (mutual authentication) |
| ssl.secret | Name of the Secret object containing CA certificate, Server certificate and Server private key, in PEM format |
| Service Settings | |
| service.type | Type of the network service to provision, one of ClusterIP, NodePort, LoadBalancer or ExternalName |
| service.port.http | Port to expose for the HTTP traffic, when SSL is not enabled |
| service.port.https | Port to expose for the HTTPS traffic, when SSL is enabled |
| Route Settings | |
| route.enabled | Switch with true/false values to enable/disable creation of a Route when the application is installed |
| route.host | Host value to use for the route, or empty string for the host value to be assigned automatically |
| Auto Scaling Settings | |
| autoscaling.enabled | Switch with true/false values to enable/disable auto scaling of ITX Runtime Server pods |
| autoscaling.maxreplicas | Maximum number of ITX Runtime Server pods to auto scale |
| autoscaling.minreplicas | Minimum number of ITX Runtime Server pods with which to start |
| autoscaling.targetCPUUtilizationPercentage | Threshold CPU utilization percentage to scale a new ITX Runtime Server pod |
| autoscaling.targetMemoryUtilizationPercentage | Threshold memory utilization percentage to scale a new ITX Runtime Server pod |