IBM Business Automation Workflow Runtime and Workstream Services parameters

New in 20.0.2 Each container needs a set of values for its configuration parameters to create a Kubernetes deployment. The following tables provide the description and default value for each parameter. Complete the custom resource YAML file for your deployment by supplying values for your environment and configuration.

The following tables list the configurable parameters and their default values. All properties are mandatory, unless they have a default value or are explicitly optional. Although the containers might seem to install correctly when some parameters are omitted, this kind of configuration is not supported.

Shared configuration parameters
User Management Service configuration parameters
Resource Registry configuration parameters
Business Automation Navigator configuration parameters
FileNet Content Manager configuration parameters
Business Automation Insights configuration parameters
Application Engine configuration parameters
Business Automation Workflow configuration parameters

Shared configuration parameters

Some configuration parameters can be shared by an installation of multiple automation components. See Shared configuration for these parameters.

The following table shows shared configuration parameters for IBM Business Automation Workflow and Workstream Services.

Table 1. Pattern configuration parameters
Parameter	Description	Default
shared_configuration.sc_deployment_patterns	Deployment pattern.	workflow
shared_configuration.sc_dynamic_storage_classname	The value must be provided if you plan to install a pattern for demonstration purposes. A component can override the shared storage class name to define specific storage classes.
shared_configuration.sc_run_as_user	For non-OCP (CNCF platforms such as AWS, GKE), this parameter is required.
shared_configuration.sc_optional_components	You can choose Business Automation Insights as an optional component to install with the pattern.	bai
shared_configuration.sc_deployment_baw_license	Business Automation Workflow (BAW) license. Possible values are: user, non-production, and production.
shared_configuration.sc_deployment_fncm_license	Business Automation Workflow (FNCM) license. Possible values are: user, non-production, and production.
shared_configuration.sc_deployment_license	Use this parameter to specify the license for the deployment for the rest of the Business Automation Workflow components.

LDAP configuration parameters

For LDAP configuration parameters, see LDAP configuration.

Kafka configuration parameters

For Kafka configuration and parameters, see Kafka client configuration.

Mandatory configuration parameters

You must set the parameters in the custom resource file to access the docker images in your environment. The following table lists the configurable parameters and default values. All properties are mandatory

Table 2. Spec configuration parameters
Parameter	Description
appVersion	The version of the current release.

Table 3. Mandatory shared configuration parameters
Parameter	Description	Default
shared_configuration.root_ca_secret	Root certificate authority (CA) secret name to store the root CA TLS key and certificate.	icp4a-root-ca
shared_configuration.encryption_key_secret	Shared encryption key secret name that is used for Workflow Services and IBM FileNet® Content Manager integration.	icp4a-shared-encryption-key
shared_configuration.sc_deployment_type	Business Automation Workflow can be installed for demo and enterprise. Set the value to `demo` in your non-production environments only.	enterprise
shared_configuration.sc_deployment_platform	The platform to be deployed specified by the user. Possible values are: OCP and other. The value is normally populated by the user script based on input from the user.
shared_configuration.sc_deployment_hostname_suffix	Specify the hostname used to create routes. Routes are created automatically if `sc_deployment_platform` is set to OCP.
shared_configuration.trusted_certificate_list	Default trusted certificate secret names. Every component trusts these certificates for secure communication. Enter a comma-delimited list of the secret names.	[]
shared_configuration.image_pull_secrets	Shared image pull secrets.	IfNotPresent
shared_configuration.images.keytool_job_container.repository	Image name for Transport Layer Security (TLS) job container.	dba-keytool-jobcontainer
shared_configuration.images.keytool_job_container.tag	Image tag for TLS job container.	20.0.3 (or 20.0.2 for previous version)
shared_configuration.images.dbcompatibility_init_container.repository	Image name for database compatibility init container.	dba-dbcompatibility-initcontainer
shared_configuration.images.dbcompatibility_init_container.tag	Image tag for database compatibility init container.	20.0.3 (or 20.0.2 for previous version)
shared_configuration.images.keytool_init_container.repository	Image name for TLS init container.	dba-keytool-initcontainer
shared_configuration.images.keytool_init_container.tag	Image tag for TLS init container.	20.0.3 (or 20.0.2 for previous version)
shared_configuration.images.umsregistration_initjob.repository	Image name for OpenID Connect (OIDC) registration job container.	dba-umsregistration-initjob
shared_configuration.images.umsregistration_initjob.tag	Image tag for OIDC registration job container.	20.0.3 (or 20.0.2 for previous version)
shared_configuration.images.pull_policy	Pull policy for all containers.	IfNotPresent

User Management Service configuration parameters

For UMS configuration parameters, see User Management Service configuration parameters.

Resource Registry configuration parameters

For Resource Registry parameters, see the Resource Registry table in IBM Business Automation Application Engine parameters.

FileNet Content Manager configuration parameters

See IBM FileNet Content Manager parameters.

Business Automation Insights configuration parameters

See IBM Business Automation Insights parameters.

Application Engine configuration parameters

See IBM Business Automation Application Engine parameters.

Business Automation Workflow configuration parameters

Provide the details that are relevant to your Business Automation Workflow environment and your decisions for the deployment of the container.

The following tables list the parameters for configuring Workflow Services.

Workflow Services configuration parameters
Java Message Service (JMS) configuration parameters
BPM event emitter configuration parameters
Case event emitter configuration parameters
New in 20.0.3 Machine Learning Server configuration parameters
- Intelligent Task Prioritization configuration parameters
- Workforce Insights configuration parameters
Process Federation Server configuration parameters
Elasticsearch configuration parameters

Table 4. Workflow Services configuration parameters
Parameter	Description	Default
baw_configuration[x].name	Name of the instance. The name for each item in the array must be different.	instance1
baw_configuration[x].host_federated_portal	Whether the Business Automation Workflow instance hosts federated Process Portal New in 20.0.3 and integrates with Intelligent Task Prioritization.	true
baw_configuration[x].federated_portal.content_security_policy_additional_origins	Content security policy additional origins for federating Business Automation Workflow traditional systems. For example, ["https://on-prem-baw1","https://on-prem-baw2"].	[]
baw_configuration[x].service_type	Workflow Server service type.	Route
baw_configuration[x].hostname	Workflow Server hostname.
baw_configuration[x].port	Workflow Server port.	443
baw_configuration[x].nodeport	Workflow Server node port.	30026
baw_configuration[x].env_type	Workflow Server environment type. Possible values are `Development`, `Test`, `Staging`, and `Production`.	Production
baw_configuration[x].capabilities	Workflow Server capability.	workflow
baw_configuration[x].replicas	Workflow Server replica count.	1
baw_configuration[x].admin_user	Administrator user for Workflow Server. This parameter is required.
baw_configuration[x].admin_secret_name	The name of Workflow Server admin secret.	baw-admin-secret
baw_configuration[x].monitor_enabled	Whether to use the built-in monitoring capability.	false
baw_configuration[x].customized_portal_endpoint	Required if you implemented your own portal. For example, `https://portal.mycompany.com`.
baw_configuration[x].external_connection_timeout	External connection timeout.	60s
New in 20.0.3 baw_configuration.external_tls_secret	Secret that contains the Transport Layer Security (TLS) key and certificate for external https connections. You can enter the secret name here. If you do not want to use the customized external TLS certificate, leave it empty.
New in 20.0.3 baw_configuration.external_tls_ca_secret	Certificate authority (CA) used to sign the external TLS secret. It is stored in the secret with the TLS key and certificate. You can enter the secret name here. If you don't want to use the customized CA to sign the external TLS certificate, leave it empty.
baw_configuration[x].tls.tls_secret_name	Workflow Server TLS secret that contains tls.key and tls.crt.	ibm-baw-tls
baw_configuration[x].tls.tls_trust_list	Workflow Server TLS trust list.
New in 20.0.3 baw_configuration[x].tls.tls_trust_store	Secret to store your custom trusted keystore (optional). The type for the keystore must be JKS or PKCS12. All certificates from the keystore are imported into the trust keystore of the Workflow server. You might run the following sample command to create the secret: `kubectl create secret generic baw_custom_trust_keystore_secret --from-file=truststorefile=./trust.jks --from-literal=type=JKS --from-literal=password=WebAS`
baw_configuration[x].image.repository	Workflow Server (Process Server) image repository URL.	workflow-server
baw_configuration[x].image.tag	Image tag for Workflow Server container.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].image.pullPolicy	Pull policy for Workflow Server container.	IfNotPresent
baw_configuration[x].pfs_bpd_database_init_job.repository	Database initialization image repository URL for Process Federation Server.	pfs-bpd-database-init-prod
baw_configuration[x].pfs_bpd_database_init_job.tag	Database initialization image repository tag for Process Federation Server.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].pfs_bpd_database_init_job.pullPolicy	Pull policy for Process Federation Server database initialization image.	IfNotPresent
baw_configuration[x].upgrade_job.repository	Workflow Server database handling image repository URL.	workflow-server-dbhandling
baw_configuration[x].upgrade_job.tag	Workflow Server database handling image repository tag.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].upgrade_job.pullPolicy	Pull policy for database handling.	IfNotPresent
baw_configuration[x].bas_auto_import_job.repository	Workflow Server IBM Business Automation Studio toolkit init image repository URL.	toolkit_installer
baw_configuration[x].bas_auto_import_job.tag	Workflow Server database handling image repository tag.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].bas_auto_import_job.pullPolicy	Pull policy for database handling.
New in 20.0.3 baw_configuration[x].database.enable_ssl For 20.0.2 baw_configuration[x].database.ssl	Whether to enable Secure Sockets Layer (SSL) support for the Workflow Server database connection.	true
New in 20.0.3 baw_configuration[x].database.db_cert_secret_name For 20.0.2 baw_configuration[x].database.sslsecretname	Secret name for storing the database TLS certificate when an SSL connection is enabled.
baw_configuration[x].database.type	Workflow Server database type.	DB2®
baw_configuration[x].database.server_name	Workflow Server database server name. This parameter is required.
baw_configuration[x].database.database_name	Workflow Server database name. This parameter is required.
baw_configuration[x].database.port	Workflow Server database port. This parameter is required.	50000
baw_configuration[x].database.secret_name	Workflow Server database secret name. This parameter is required.
New in 20.0.3 baw_configuration[x].database.jdbc_url	Oracle database connection string. If the database type is Oracle, provide this string. For example, `jdbc:oracle:thin:@//<oracle_server>:1521/orcl`.
New in 20.0.3 baw_configuration[x].database.use_custom_jdbc_drivers	Whether to use custom JDBC drivers. Set to true if you are using Oracle, PostgreSQL, or a special Db2® driver.	false
New in 20.0.3 baw_configuration[x].database.custom_jdbc_pvc	Name of the persistent volume claim (PVC) that binds to the persistent volume (PV) where the custom JDBC driver files are stored.
New in 20.0.3 baw_configuration[x].database.jdbc_driver_files	The set of JDBC driver files.	`db2jcc4.jar db2jcc_license_cisuz.jar db2jcc_license_cu.jar`
baw_configuration[x].database.cm_max_pool_size	Workflow server database connect pool maximum number of physical connections	200
baw_configuration[x].database.dbcheck.wait_time	Workflow Server database check wait time.	900
baw_configuration[x].database.dbcheck.interval_time	Workflow Server database interval time.	15
baw_configuration[x].database.hadr.standbydb_host	Database standby host for high availability disaster recovery (HADR). To enable database HADR, configure both standby host and port.
baw_configuration[x].database.hadr.standbydb_port	Database standby port for HADR. To enable database HADR, configure both standby host and port.
baw_configuration[x].database.hadr.retryinterval	Retry interval for HADR.
baw_configuration[x].database.hadr.maxretries	Maximum retries for HADR.
baw_configuration[x].workflow_center.url	The URL of Workflow Center.
baw_configuration[x].workflow_center.secret_name	The secret name of Workflow Center that contains username and password.
baw_configuration[x].workflow_center.heartbeat_interval	Heartbeat interval (seconds) to connect to Workflow Center.	30
New in 20.0.3 baw_configuration[x].workflow_center.webpd_url	URL that is used by Workflow Center to link to the web Process Designer. For example, `https://hostname:port/WebPD`.
baw_configuration[x].appengine.hostname	Hostname of Application Engine. The value must be the same as `application_engine_configuration[x].hostname`.
baw_configuration[x].appengine.admin_secret_name	Secret name of Application Engine. The value must be the same as `application_engine_configuration[x].admin_secret_name`.
baw_configuration[x].content_integration.init_job_image.repository	Image name for content integration container.	iaws-ps-content-integration
baw_configuration[x].content_integration.init_job_image.tag	Image tag for content integration container.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].content_integration.init_job_image.pull_policy	Pull policy for content integration container.	IfNotPresent
baw_configuration[x].content_integration.domain_name	Domain name for content integration. The value must be the same as `initialize_configuration.ic_domain_creation.domain_name`.	DOCS
baw_configuration[x].content_integration.object_store_name	Object Store name for content integration.
baw_configuration[x].content_integration.cpe_admin_secret	Admin secret for content integration.
baw_configuration[x].case.init_job_image.repository	Image name for CASE init job container.	workflow-server-case-initialization
baw_configuration[x].case.init_job_image.tag	Image tag for CASE init job container.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].case.init_job_image.pull_policy	Pull policy for CASE init job container.	IfNotPresent
baw_configuration[x].case.domain_name	Domain name for CASE. The value must be the same as `initialize_configuration.ic_domain_creation.domain_name`.	P8DOMAIN
baw_configuration[x].case.object_store_name_dos	Design Object Store name of CASE. The value must be the same as the `oc_cpe_obj_store_symb_name` value of one of the object stores defined in `initialize_configuration.ic_obj_store_creation.object_stores`.	DOS
baw_configuration[x].case.object_store_name_tos	Target Object Store name of CASE. The value must be the same as the `oc_cpe_obj_store_symb_name` value of one of the object stores defined in `initialize_configuration.ic_obj_store_creation.object_stores`.	TOS
baw_configuration[x].case.connection_point_name_tos	Connection point name for Target Object Store.	cpe_conn_tos
New in 20.0.3 baw_configuration[x].case.target_environment_name	Name of the target environment or project area to register with the case components and associate with an IBM Content Navigator desktop.	target_env
baw_configuration[x].case.network_shared_directory_pvc	Persistent volume claim (PVC) name for case network shared directory. This parameter must be set to the same value as the Business Automation Navigator `pvc_for_icn_pluginstore` parameter. See IBM Business Automation Navigator parameters.
baw_configuration[x].case.custom_package_names	Custom package names for installing custom packages, where the value format is similar to `package1.zip, package2.zip`.
baw_configuration[x].case.custom_extension_names	Custom extension names for installing custom packages, where the value format is similar to `extension1.zip, extension2.zip`.
baw_configuration[x].resources.limits.cpu	CPU limit for Workflow Server.	2
baw_configuration[x].resources.limits.memory	Memory limit for Workflow Server.	2096Mi
baw_configuration[x].resources.requests.cpu	Requested amount of CPU for Workflow Server.	500m
baw_configuration[x].resources.requests.memory	Requested amount of memory for Workflow Server.	1048Mi
baw_configuration[x].probe.ws.liveness_probe.initial_delay_seconds	Number of seconds after the Workflow Server container starts before the liveness probe is initiated.	New in 20.0.3 360 For 20.0.2 240
New in 20.0.3 baw_configuration[x].probe.ws.liveness_probe.period_seconds	Number of seconds to wait before the next probe.	10
New in 20.0.3 baw_configuration[x].probe.ws.liveness_probe.timeout_seconds	Number of seconds after which the probe times out.	10
New in 20.0.3 baw_configuration[x].probe.ws.liveness_probe.failure_threshold	When a probe fails, number of times that Kubernetes tries before it gives up and restarts the container.	3
New in 20.0.3 baw_configuration[x].probe.ws.liveness_probe.success_threshold	Minimum consecutive successes for the probe to be considered successful after it failed.	1
baw_configuration[x].probe.ws.readinessProbe.initial_delay_seconds	Number of seconds after the Workflow Server container starts before the readiness probe is initiated.	New in 20.0.3 360 For 20.0.2 180
New in 20.0.3 baw_configuration[x].probe.ws.readiness_probe.period_seconds	Number of seconds to wait before the next probe.	5
New in 20.0.3 baw_configuration[x].probe.ws.readiness_probe.timeout_seconds	Number of seconds after which the probe times out.	5
New in 20.0.3 baw_configuration[x].probe.ws.readiness_probe.failure_threshold	When a probe fails, number of times that Kubernetes tries before it marks the pod as unready.	6
New in 20.0.3 baw_configuration[x].probe.ws.readiness_probe.success_threshold	Minimum consecutive successes for the probe to be considered successful after it failed.	1
baw_configuration[x].logs.console_format	Format for printing logs on the console.	json
baw_configuration[x].logs.console_log_level	Log level for printing logs on the console.	INFO
baw_configuration[x].logs.console_source	Source of the logs for printing on the console.	message,trace,accessLog,ffdc,audit
baw_configuration[x].logs.message_format	Required format for the messages.log file. New in 20.0.3 Valid values are SIMPLE and JSON.	New in 20.0.3 SIMPLE For 20.0.2 basic
baw_configuration[x].logs.trace_format	Format of the trace log. Options values are: BASIC, ADVANCED, and ENHANCED.	ENHANCED
baw_configuration[x].logs.trace_specification	Specification for printing trace logs.	*=info\|
New in 20.0.3 baw_configuration[x].logs.max_files	Maximum number of log files that are kept before the oldest file is removed.	10
New in 20.0.3 baw_configuration[x].logs.max_filesize	Maximum size (in MB) that a log file can reach before it is rolled.	50
baw_configuration[x].storage.use_dynamic_provisioning	Set to true to use dynamic storage provisioning. If set to false, you must set `existing_pvc_for_logstore` and `existing_pvc_for_dumpstore`.	true
baw_configuration[x].storage.existing_pvc_for_logstore	Persistent volume claim (PVC) for logs.
baw_configuration[x].storage.size_for_logstore	Minimum size of the persistent volume (PV) that is mounted as the log store.	10Gi
baw_configuration[x].storage.existing_pvc_for_dumpstore	PVC for dump files.
baw_configuration[x].storage.size_for_dumpstore	Minimum size of the PV that is mounted as the dump store.	10Gi
New in 20.0.3 baw_configuration[x].storage.existing_pvc_for_filestore	PVC for files. This includes temporary files that are created by the SQL integration facility Invoking SQL Integration services.
New in 20.0.3 baw_configuration[x].storage.size_for_filestore	Minimum size of the PV that is mounted as the file store.	10Gi
New in 20.0.3 baw_configuration[x].autoscaling.enabled	Whether to enable automatically scaling the number of pods.	false
New in 20.0.3 baw_configuration[x].autoscaling.max_replicas	Upper limit for the number of pods that can be set by the autoscaler. If it is not specified or negative, the server uses the default value	3
New in 20.0.3 baw_configuration[x].autoscaling.min_replicas	Lower limit for the number of pods that can be set by the autoscaler. If it is not specified or negative, the server uses the default value	2
New in 20.0.3 baw_configuration[x].autoscaling.target_cpu_utilization_percentage	Target average CPU utilization (represented as a percent of requested CPU) over all the pods. If it is not specified or negative, the default is used.	80
New in 20.0.3 baw_configuration[x].environment_config.show_task_prioritization_service_toggle	Whether to show the Intelligent Task Prioritization service toggle button in the web user interface to allow the user to enable or disable this service. This parameter is valid only for the first Workflow instance.	false
New in 20.0.3 baw_configuration[x].environment_config.always_run_task_prioritization_service	Whether to display the Intelligent Task Prioritization service toggle button. If this parameter is set to true, the previous parameter is ignored. This parameter is valid only for the first Workflow instance.	false
New in 20.0.3 baw_configuration[x].federation_config.workflow_server.index_number_of_shards	Number of primary shards of the Elasticsearch index used to store Workflow server data.	3
New in 20.0.3 baw_configuration[x].federation_config.workflow_server.index_number_of_replicas	Number of shard replicas of the Elasticsearch index used to store Workflow server data.	1
New in 20.0.3 baw_configuration[x].federation_config.case_manager[x].object_store_name	Case Manager object store name.	TOS
New in 20.0.3 baw_configuration[x].federation_config.case_manager[x].index_number_of_shards	Number of primary shards of the Elasticsearch index used to store Case Manager object store data.	3
New in 20.0.3 baw_configuration[x].federation_config.case_manager[x].index_number_of_replicas	Number of shard replicas of the Elasticsearch index used to store Case Manager object store data.	1
baw_configuration[x].jvm_customize_options	JVM options separated with spaces, for example: `-Dtest1=test -Dtest2=test2`.
baw_configuration[x].liberty_custom_xml	Workflow Server custom plain XML snippet.
baw_configuration[x].custom_xml_secret_name	Workflow Server custom XML secret name.
baw_configuration[x].lombardi_custom_xml_secret_name	Workflow Server Lombardi custom XML secret name.

Table 5. Java Message Service (JMS) configuration parameters
Parameter	Description	Default
baw_configuration[x].jms.image.repository	Image name for JMS container.	baw-jms-server
baw_configuration[x].jms.image.tag	Image tag for JMS container.	20.0.3 (or 20.0.2 for previous version)
baw_configuration[x].jms.image.pull_policy	Pull policy for JMS container.	IfNotPresent
baw_configuration[x].jms.tls.tls_secret_name	TLS secret name for JMS.	ibm-jms-tls-secret
baw_configuration[x].jms.resources.limits.memory	Memory limit for JMS configuration.	2Gi
baw_configuration[x].jms.resources.limits.cpu	CPU limit for JMS configuration.	1000m
baw_configuration[x].jms.resources.requests.memory	Requested amount of memory for JMS configuration.	512Mi
baw_configuration[x].jms.resources.requests.cpu	Requested amount of CPU for JMS configuration.	200m
baw_configuration[x].jms.storage.persistent	Whether to enable persistent storage for JMS.	true
baw_configuration[x].jms.storage.size	Size for JMS persistent storage.	1Gi
baw_configuration[x].jms.storage.use_dynamic_provisioning	Whether to enable dynamic provisioning for JMS persistent storage.	true
baw_configuration[x].jms.storage.access_modes	Access modes for JMS persistent storage. Refer to Kubernetes documentation for available options.	ReadWriteOnce
baw_configuration[x].jms.storage.storage_class	Storage class name for JMS persistent storage.	Uses the shared_configuration.storage_configuration. sc_fast_file_storage_classname
baw_configuration[x].jms.liveness_probe.initial_delay_seconds	Number of seconds after the container starts before the liveness probe is initiated.	180
baw_configuration[x].jms.liveness_probe.period_seconds	How often (in seconds) to perform the probe.	20
baw_configuration[x].jms.liveness_probe.timeout_seconds	Number of seconds after which the probe times out.	10
baw_configuration[x].jms.liveness_probe.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1.	3
baw_configuration[x].jms.liveness_probe.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1.	1
baw_configuration[x].jms.readiness_probe.initial_delay_seconds	Number of seconds after the container starts before the readiness probe is initiated.	30
baw_configuration[x].jms.readiness_probe.period_seconds	How often (in seconds) to perform the probe.	5
baw_configuration[x].jms.readiness_probe.timeout_seconds	Number of seconds after which the probe times out.	5
baw_configuration[x].jms.readiness_probe.failure_threshold	When a pod starts and the probe fails, Kubernetes tries this number of times before giving up. Minimum value is 1.	6
baw_configuration[x].jms.readiness_probe.success_threshold	Minimum consecutive successes for the probe to be considered successful after failing. Minimum value is 1.	1

Table 6. BPM event emitter configuration parameters
Parameter	Description	Default
baw_configuration[x].business_event.enable	Whether to enable event monitoring for Dynamic Event Framework events for the Workflow Services container. If Business Automation Insights and the Machine Learning Server parameters are configured, this parameter must be set to true.	false
baw_configuration[x].business_event.enable_task_api	Whether to record additional task information in generated events. If Business Automation Insights and the Machine Learning Server parameters are configured, this parameter must be set to true. This parameter is equivalent to the `enable_task_api_def` parameter. See BPMN summary event formats.	false
baw_configuration[x].business_event.enable_task_record	Whether to enable the task record in generated events. This optional parameter is equivalent to the `task-record-enabled` parameter. See BPMN summary event formats.	true
baw_configuration[x].business_event.subscription	List of the subscription configurations. Each subscription attribute is listed in the rest of this table. `[{'app_name': '','version': '','component_type': '','component_name': '','element_type': '','element_name': '','nature': '*'}]` See Event point key and filter.
baw_configuration[x].business_event.subscription[x].app_name	Name of the application that is the source of the events that are to be monitored.
baw_configuration[x].business_event.subscription[x].component_name	Name of the component to be monitored.
baw_configuration[x].business_event.subscription[x].component_type	Type of the component to be monitored.
baw_configuration[x].business_event.subscription[x].element_name	Name of the element to be monitored.
baw_configuration[x].business_event.subscription[x].element_type	Type of element to be monitored. BPMN types are PROCESS, ACTIVITY, EVENT, and GATEWAY.
baw_configuration[x].business_event.subscription[x].nature	Nature of the event. One element can send events of various natures, such as STARTED, ACTIVE, COMPLETED. The BPMN nature categories are STARTED, COMPLETED, TERMINATED, DELETED, FAILED, CAUGHT, THROWN, EXPECTED, ACTIVE, READY, RESOURCE_ASSIGNED, ACTIVE, LOOP_CONDITION_TRUE, LOOP_CONDITION_FALSE, and MULTIPLE_INSTANCES_STARTED.
baw_configuration[x].business_event.subscription[x].version	Version of the application to be monitored.

To enable event monitoring for Dynamic Framework Events, add the configuration business_event related to each instance of baw_configuration in your custom resource YAML file, as in the following example:

  baw_configuration:
    - name: instance1
      business_event:
	#The main switch 
        enable: true
	#Performance tuning switches. You must set these to true so the task-related events can be monitored.
        enable_task_api: true
        enable_task_record: true
	#Subscription related settings
        subscription:
        - app_name: '*'
          component_name: '*'
          component_type: '*'
          element_name: '*'
          element_type: '*'
          nature: '*'
          version: '*'

Table 7. Case event emitter configuration parameters
Parameter	Description	Default
baw_configuration[x].case.event_emitter.date_sql	Creation date of the events. The emitter starts processing the events from that date. If a bookmark exists, the emitter ignores this parameter and processes the events from the bookmark.
baw_configuration[x].case.event_emitter.logical_unique_id	An 8-character alphanumeric string without underscores. This value is always required. While processing, the emitter tracks the events that are processed by using the Content Engine Audit Processing Bookmark with a display name that is based on this value. Therefore, if the emitter is restarted and if the bookmark exists, the emitter processes the events from the last bookmark.
baw_configuration[x].case.event_emitter.solution_list	Comma-separated list of all the case solution names that need to be processed. Add all the solutions that you want to be processed before you deploy the Case event emitter.
New in 20.0.3 baw_configuration[x].case.event_emitter.emitter_batch_size	Case event emitter batch size.	1000
New in 20.0.3 baw_configuration[x].case.event_emitter.process_pe_events	Whether to process FileNet Process Engine events in addition to IBM Business Automation Workflow events.	true

The following example shows sample values:

event_emitter:
  date_sql: 20200630T002840Z
  logical_unique_id: bawinst1
  solution_list: SampleSolution1,SampleSolution2

New in 20.0.3 You can use the * wildcard if you want events from all the case solutions to be processed by the Case event emitter. Use: solution_list: *

New in 20.0.3 Machine Learning Server configuration parameters

The following tables list the parameters for configuring Machine Learning Server:

Intelligent Task Prioritization configuration parameters
Workforce Insights configuration parameters

Important: To use Intelligent Task Prioritization, you must set the following Business Automation Insights parameter to true:

bai_configuration:
    bpmn:
      install: true

Table 8. Intelligent Task Prioritization configuration parameters
Parameter	Description	Default
baml_configuration.intelligent_task_prioritization.replicas	Intelligent Task Prioritization pod count.	2
baml_configuration.intelligent_task_prioritization.probes.readiness.initial_delay_seconds	Number of seconds after the Intelligent Task Prioritization container starts before the readiness probe is initiated.	40
baml_configuration.intelligent_task_prioritization.image.repository	Image for Intelligent Task Prioritization container.	cp.icr.io/cp/cp4a/baw/bui-task-prioritization
baml_configuration.intelligent_task_prioritization.image.tag	Image tag for Intelligent Task Prioritization container.	20.0.3
baml_configuration.intelligent_task_prioritization.image.pull_policy	Pull policy for Intelligent Task Prioritization container.	IfNotPresent
baml_configuration.intelligent_task_prioritization.resources.limits.cpu	CPU limit for Intelligent Task Prioritization container.	2
baml_configuration.intelligent_task_prioritization.resources.limits.memory	Memory limit for Intelligent Task Prioritization container.	2048Mi
baml_configuration.intelligent_task_prioritization.resources.requests.cpu	Requested amount of CPU for Intelligent Task Prioritization container.	500m
baml_configuration.intelligent_task_prioritization.resources.requests.memory	Requested amount of memory for Intelligent Task Prioritization container.	1024Mi
baml_configuration.intelligent_task_prioritization.storage.use_dynamic_provisioning	Whether to use a dynamic storage provisioner. If this parameter is set to false, existing_pvc_for_logstore and existing_pvc_for_trained_pipelines must also be set.	true
baml_configuration.intelligent_task_prioritization.storage.existing_pvc_for_logstore	Persistent volume claim (PVC) for logs.
baml_configuration.intelligent_task_prioritization.storage.size_for_logstore	Minimum size of the persistent volume (PV) that is mounted as the log store.	10g
baml_configuration.intelligent_task_prioritization.storage.existing_pvc_for_trained_pipelines	PVC for Intelligent Task Prioritization trained pipeline files.
baml_configuration.intelligent_task_prioritization.storage.size_for_trained_pipelines	Minimum size of the PV that is mounted as the storage for Intelligent Task Prioritization trained pipeline files.	10g
baml_configuration.intelligent_task_prioritization.autoscaling.enabled	Whether to enable Horizontal Pod Autoscaler for Intelligent Task Prioritization pod for Intelligent Task Prioritization pod.	false
baml_configuration.intelligent_task_prioritization.autoscaling.max_replicas	Upper limit for the number of pods that can be set by the autoscaler. It cannot be smaller than `min_replicas`.	3
baml_configuration.intelligent_task_prioritization.autoscaling.min_replicas	Lower limit for the number of replicas to which the autoscaler can scale down.	2
baml_configuration.intelligent_task_prioritization.autoscaling.target_cpu_utilization_percentage	Target average CPU utilization over all the pods.	80

Important: To use Workforce Insights, you must set the following Business Automation Insights parameters to true:

bai_configuration:
    bpmn:
      install: true
      forceElasticsearchTimeseries: true

Table 9. Workforce Insights configuration parameters
Parameter	Description	Default
baml_configuration.workforce_insights.replicas	Workforce Insights pod count.	2
baml_configuration.workforce_insights.probes.readiness.initial_delay_seconds	Number of seconds after the Workforce Insights container starts before the readiness probe is initiated.	40
baml_configuration.workforce_insights.image.repository	Image for Workforce Insights container.	cp.icr.io/cp/cp4a/baw/bui-task-prioritization
baml_configuration.workforce_insights.image.tag	Image tag for Workforce Insights container.	20.0.3
baml_configuration.workforce_insights.image.pull_policy	Pull policy for Workforce Insights container.	IfNotPresent
baml_configuration.workforce_insights.resources.limits.cpu	CPU limit for Workforce Insights container.	2
baml_configuration.workforce_insights.resources.limits.memory	Memory limit for Workforce Insights container.	2048Mi
baml_configuration.workforce_insights.resources.requests.cpu	Requested amount of CPU for Workforce Insights container.	500m
baml_configuration.workforce_insights.resources.requests.memory	Requested amount of memory for Workforce Insights container.	1024Mi
baml_configuration.workforce_insights.storage.use_dynamic_provisioning	Whether to use a dynamic storage provisioner. If this parameter is set to false, existing_pvc_for_logstore must also be set.	true
baml_configuration.workforce_insights.storage.existing_pvc_for_logstore	Persistent volume claim (PVC) for logs.
baml_configuration.workforce_insights.storage.size_for_logstore	Minimum size of the persistent volume (PV) that is mounted as the log store.	10g
baml_configuration.workflow_insights.autoscaling.enabled	Whether to enable Horizontal Pod Autoscaler for Intelligent Task Prioritization pod for Workforce Insights pod.	false
baml_configuration.workflow_insights.autoscaling.max_replicas	Upper limit for the number of pods that can be set by the autoscaler. It cannot be smaller than `min_replicas`.	3
baml_configuration.workflow_insights.autoscaling.min_replicas	Lower limit for the number of replicas to which the autoscaler can scale down.	2
baml_configuration.workflow_insights.autoscaling.target_cpu_utilization_percentage	Target average CPU utilization over all the pods.	80

Table 10. Process Federation Server configuration parameters
Parameter	Description	Default
pfs_configuration.hostname	Process Federation Server hostname.
pfs_configuration.port	Process Federation Server port.	443
pfs_configuration.service_type	How the HTTPS endpoint service should be published. Possible values are ClusterIP, NodePort, Route.	Route
New in 20.0.3 pfs_configuration.elasticsearch.endpoint For 20.0.2 pfs_configuration.external_elasticsearch.endpoint	Endpoint of external elasticsearch, such as: https://`external_es_host`:`external_es_port`.
New in 20.0.3 pfs_configuration.elasticsearch.admin_secret_name For 20.0.2 pfs_configuration.external_elasticsearch.admin_secret_name	The external Elasticsearch administrative secret that contains the following keys: `.htpasswd`: A file listing the users and associated passwords that are allowed to authenticate. `username`: The name of a user referenced in the `.htpasswd` file. Process Federation Server pods use this user to connect to Elasticsearch. `password`: The password of the user provided through the `username` key. Process Federation Server uses this password to connect to Elasticsearch.
New in 20.0.3 pfs_configuration.elasticsearch.connect_timeout	External Elasticsearch connection timeout setting.	10s
New in 20.0.3 pfs_configuration.elasticsearch.read_timeout	External Elasticsearch read timeout setting.	30s
New in 20.0.3 pfs_configuration.elasticsearch.thread_count	External Elasticsearch thread count setting.
pfs_configuration.admin_secret_name	Name of the Kubernetes secret that contains the Process Federation Server administration passwords, such as keystorePassword, ltpaPassword, oidcClientPassword, sslKeyPassword, truststorePassword.	ibm-pfs-admin-secret
pfs_configuration.config_dropins_overrides_secret	Name of the Kubernetes secret that contains the files that will be mounted in the /config/configDropins/overrides folder.
pfs_configuration.enable_notification_server	Whether to enable the notification server	false
New in 20.0.3 pfs_configuration.enable_default_security_roles	Whether to enable default security roles.	true
pfs_configuration.image.repository	Process Federation Server image.	pfs-prod
pfs_configuration.image.tag	Process Federation Server image tag.	20.0.3 (or 20.0.2 for previous version)
pfs_configuration.image.pull_policy	Process Federation Server image pull policy	IfNotPresent
pfs_configuration.liveness_probe.initial_delay_seconds	Number of seconds after Process Federation Server container starts before the liveness probe is initiated.	300
pfs_configuration.readiness_probe.initial_delay_seconds	Number of seconds after Process Federation Server container starts before the readiness probe is initiated.	240
pfs_configuration.replicas	Number of initial Process Federation Server pods.	1
pfs_configuration.service_account	Service account name for the Process Federation Server pod.
pfs_configuration.anti_affinity	Whether Kubernetes can (soft) or must not (hard) deploy Process Federation Server pods onto the same node. Possible values are soft and hard.	hard
pfs_configuration.resources_security_secret	Name of the Kubernetes secret that contains the files to be mounted in the /config/resources/security folder.
pfs_configuration.custom_libs_pvc	Name of the custom libraries that contain the files to be mounted in the /config/resources/security folder.
pfs_configuration.external_tls_secret	Secret that contains the Transport Layer Security (TLS) key and certificate for external HTTPS connections. You can enter the secret name here. If you do not want to use the customized external TLS certificate, leave it empty.
pfs_configuration.external_tls_ca_secret	Certificate authority (CA) used to sign the external TLS secret. It is stored in the secret with the TLS key and certificate. You can enter the secret name here. If you don't want to use the customized CA to sign the external TLS certificate, leave it empty.
pfs_configuration.monitor_enabled	Specify whether to use the built-in monitoring capability.	false
pfs_configuration.tls.tls_secret_name	Existing TLS secret that contains tls.key and tls.crt.
pfs_configuration.tls.tls_trust_list	Existing TLS trust secret.
New in 20.0.3 pfs_configuration.tls.tls_trust_store	Secret to store your custom trusted keystore (optional). The type for the keystore must be JKS or PKCS12. All certificates from the keystore are imported into the trust keystore of the Process Federation Server server. You might run the following sample command to create the secret: `kubectl create secret generic pfs_custom_trust_keystore_secret --from-file=truststorefile=./trust.jks --from-literal=type=JKS --from-literal=password=WebAS`
pfs_configuration.resources.requests.cpu	Requested CPU for Process Federation Server Resource Registry configuration.	500m
pfs_configuration.resources.requests.memory	Minimum memory required (including JVM heap and file system cache) to start an Elasticsearch pod.	512Mi
pfs_configuration.resources.limits.cpu	CPU limit for Process Federation Server Resource Registry configuration.	2
pfs_configuration.resources.limits.memory	Maximum memory (including JVM heap and file system cache) to allocate to each Elasticsearch pod.	4Gi
pfs_configuration.saved_searches.index_name	Name of the Elasticsearch index used to store saved searches.	ibmpfssavedsearches
pfs_configuration.saved_searches.index_number_of_shards	Number of shards of the Elasticsearch index used to store saved searches.	3
pfs_configuration.saved_searches.index_number_of_replicas	Number of replicas (pods) of the Elasticsearch index used to store saved searches.	1
pfs_configuration.saved_searches.index_batch_size	Batch size used when retrieving saved searches.	100
pfs_configuration.saved_searches.update_lock_expiration	Amount of time before an update lock is considered to be expired. Valid values are numbers with a trailing 'm' or 's' for minutes or seconds.	5m
pfs_configuration.saved_searches.unique_constraint_expiration	Amount of time before a unique constraint is considered to be expired. Valid values are numbers with a trailing 'm' or 's' for minutes or seconds.	5m
pfs_configuration.security.sso.domain_name	SSO domain names property of the `webAppSecurity` tag.
pfs_configuration.security.sso.cookie_name	SSO cookie name property of the `webAppSecurity` tag.	ltpatoken2
pfs_configuration.security.sso.ltpa.filename	keysFileName property of the `ltpa` tag.	ltpa.keys
pfs_configuration.security.sso.ltpa.expiration	Expiration property of the `ltpa` tag.	120m
pfs_configuration.security.sso.ltpa.monitor_interval	monitorIntervalproperty of the `ltpa` tag.	60s
pfs_configuration.security.ssl_protocol	sslProtocol property of the `ssl` tag that is used as default SSL configuration.	SSL
pfs_configuration.executor.max_threads	Value of the maxThreads property of the `executor` tag.	80
pfs_configuration.executor.core_threads	Value of the coreThreads property of the `executor` tag.	40
pfs_configuration.rest.user_group_check_interval	Value of the userGroupCheckInterval property of the`ibmPfs_restConfig` tag.	300s
pfs_configuration.rest.system_status_check_interval	Value of the systemStatusCheckInterval property of the `ibmPfs_restConfig` tag.	60s
pfs_configuration.rest.bd_fields_check_interval	Value of the bdFieldsCheckInterval property of the`ibmPfs_restConfig` tag.	300s
pfs_configuration.custom_env_variables.names	Names of the custom environment variables that are defined in the secret that is referenced in customEnvVariables.secret.
pfs_configuration.custom_env_variables.secret	Secret holding custom environment variables.
pfs_configuration.logs.console_format	Format for printing logs on the console. The valid values are basic or json format.	json
pfs_configuration.logs.console_log_level	Log level for printing logs on the console. The valid values are INFO, AUDIT, WARNING, ERROR, and OFF.	INFO
pfs_configuration.logs.console_source	Source of the logs for printing on the console. This property applies only when the consoleFormat is json. Valid values are message, trace, accessLog, ffdc, and audit.	message,trace,accessLog,ffdc,audit
pfs_configuration.logs.trace_format	Format for printing trace logs. The default format for the Liberty server is ENHANCED. The BASIC and ADVANCED formats are for WebSphere® Application Server.	ENHANCED
pfs_configuration.logs.trace_specification	Specification for printing trace logs. An example value is `=info:com.ibm.bpm.federated.=all`.	*=info
pfs_configuration.logs.storage.use_dynamic_provisioning	Whether to use dynamic provisioning for storing the log data for Process Federation Server.	false
pfs_configuration.logs.storage.size	Minimum size of the PV used mounted as Process Federation Server Liberty server /logs folder.	5Gi
pfs_configuration.logs.storage.storage_class	Storage class of the PV used mounted as Process Federation Server Liberty server/logs folder.	Uses the shared_configuration.storage_configuration. sc_fast_file_storage_classname
New in 20.0.3 pfs_configuration.logs.storage.existing_pvc_name	PVC for logs.
pfs_configuration.dba_resource_registry.lease_ttl	Duration of the lease that creates the Process Federation Server entry in the DBA Service Registry, in seconds.	120
pfs_configuration.dba_resource_registry.pfs_check_interval	Interval at which to check that Process Federation Server is running, in seconds.	10
pfs_configuration.dba_resource_registry.pfs_connect_timeout	Number of seconds after which Process Federation Server is considered as not running if no connection can be established.	10
pfs_configuration.dba_resource_registry.pfs_response_timeout	Number of seconds after which Process Federation Server is considered as not running if it has not yet responded.	30
pfs_configuration.dba_resource_registry.pfs_registration_key	Key under which Process Federation Server should be registered in the DBA Service Registry when running.	/dba/appresources/IBM_PFS/PFS_SYSTEM
pfs_configuration.dba_resource_registry.resources.limits.memory	Memory limit for Process Federation Server and Resource Registry integration pod.	512Mi
pfs_configuration.dba_resource_registry.resources.limits.cpu	CPU limit for Process Federation Server and Resource Registry integration pod.	500m
pfs_configuration.dba_resource_registry.resources.requests.memory	Requested amount of memory for Process Federation Server and Resource Registry integration pod.	512Mi
pfs_configuration.dba_resource_registry.resources.requests.cpu	Requested amount of CPU for Process Federation Server and Resource Registry integration pod.	200m

Table 11. Elasticsearch configuration parameters
Parameter	Description	Default
elasticsearch_configuration.es_image.repository	Elasticsearch image.	pfs-elasticsearch-prod
elasticsearch_configuration.es_image.tag	Elasticsearch image tag.	20.0.3 (or 20.0.2 for previous version)
elasticsearch_configuration.es_image.pull_policy	Elasticsearch image pull policy.	IfNotPresent
elasticsearch_configuration.es_init_image.repository	Process Federation Server init image.	pfs-init-prod
elasticsearch_configuration.es_init_image.tag	Process Federation Server init image tag.	20.0.3 (or 20.0.2 for previous version)
elasticsearch_configuration.es_init_image.pull_policy	Process Federation Server init image pull policy.	IfNotPresent
elasticsearch_configuration.es_nginx_image.repository	Elasticsearch ngnix image.	pfs-nginx-prod
elasticsearch_configuration.es_nginx_image.tag	Elasticsearch ngnix image tag.	20.0.3 (or 20.0.2 for previous version)
elasticsearch_configuration.es_nginx_image.pull_policy	Elasticsearch ngnix image pull policy.	IfNotPresent
elasticsearch_configuration.replicas	Number of initial Elasticsearch pods.	1
elasticsearch_configuration.service_type	How the HTTPS endpoint service should be published.	ClusterIP
elasticsearch_configuration.external_port	Port to which the Elasticsearch server HTTPS endpoint will be exposed externally. This parameter is relevant only if `pfs_configuration.elasticsearch.service_type` is set to NodePort.
elasticsearch_configuration.admin_secret_name	The Elasticsearch administrative secret that contains the following keys: `.htpasswd`: A file listing the users and associated passwords that are allowed to authenticate. `username`: The name of a user referenced in the .htpasswd file. Process Federation Server pods use this user to connect to Elasticsearch. `password`: The password of the user provided through the username key. Process Federation Server uses this password to connect to Elasticsearch.
elasticsearch_configuration.anti_affinity	Whether Kubernetes may (soft) or must not (hard) deploy Elasticsearch pods onto the same node. Possible values are soft and hard.	hard
elasticsearch_configuration.service_account	Name of a service account to use. If `elasticsearch_configuration.privileged` is set to true, then this service account must allow running privileged containers. If not provided, `CUSTOM_RESOURCE_NAME-ibm-pfs-es-service-account` is used.
elasticsearch_configuration.privileged	When set to true, a privileged container is created to run the appropriate sysctl commands so that the node that is running the pods can disable swapping and increase the limit on the number of open file descriptors.	false
elasticsearch_configuration.probe_initial_delay	Initial delay for liveness and readiness probes of Elasticsearch pods.	90
elasticsearch_configuration.heap_size	JVM heap size to allocate to each Elasticsearch pod.	1024m
elasticsearch_configuration.monitor_enabled	Specify whether to use the built-in monitoring capability.	false
elasticsearch_configuration.resources.limits.memory	Maximum memory (including JVM heap and file system cache) to allocate to each Elasticsearch pod.	2Gi
elasticsearch_configuration.resources.limits.cpu	Maximum amount of CPU to allocate to each Elasticsearch pod.	1000m
elasticsearch_configuration.resources.requests.memory	Minimum memory required (including JVM heap and file system cache) to start an Elasticsearch pod.	1Gi
elasticsearch_configuration.resources.requests.cpu	Minimum amount of CPU required to start an Elasticsearch pod.	100m
elasticsearch_configuration.storage.persistent	Whether to enable persistent Elasticsearch storage for Process Federation Server. Set to false for non-production or trial-only deployment.	true
elasticsearch_configuration.storage.use_dynamic_provisioning	Set to true to use GlusterFS or another dynamic storage provisioner.	true
elasticsearch_configuration.storage.size	Minimum resource quantity.	10Gi
elasticsearch_configuration.storage.storage_class	Storage class name for Elasticsearch persistent storage.
elasticsearch_configuration.snapshot_storage.enabled	Set to true for production deployment.	false
elasticsearch_configuration.snapshot_storage.use_dynamic_provisioning	Set to true to use GlusterFS or another dynamic storage provisioner.	true
elasticsearch_configuration.snapshot_storage.size	Minimum resource quantity.	30Gi
elasticsearch_configuration.snapshot_storage.storage_class_name	Storage class name for Elasticsearch persistent storage.	Uses the shared_configuration.storage_configuration. sc_fast_file_storage_classname.
elasticsearch_configuration.snapshot_storage.existing_claim_name	By default, a new PVC is to be created. Specify an existing claim here if one is available.