Page History

...

WebPA Server components setup

...

"fqdn"             : Fully qualified domain name of the server
"server"          : Listening IP address (using "localhost" will allow connections only from the current machine.)

"certificateFile"  : Enable this section and update with server certificate files, if there are multiple certs can be combined as crt bundles https://github.com/xmidt-org/scytale/blob/main/scytale.yaml#L52

"endpoints"    : Under "fanout" section, change the IP / Port value to match to the one where Talaria service is listening.

...

"file"                : Under "log" section, change the value from "stdout" to a file name if we need to redirect debug messages to a separate log file.Add the "aws" section with following values for suppressing few error messages  Anchorfake-awsfake-aws

   "aws": {
          "accessKey": "fake",
           "secretKey": "fake",
           "env": "fake",
           "sns": {
               "region": "us-east-1",
               "topicArn": "arn:aws:sns:us-east-1:999999999999:fake",
               "urlPath" : "/api/v2/aws/sns"
           }
    },

This will set AWS & SNS parameters with fake ones since we don't use actual keys and SNS (amazon simple notification service) in the current setup.

Tr1d1um configuration

Sample tr1d1um configuration: https://github.com/xmidt-org/tr1d1um/blob/main/tr1d1um.yaml

Edit the configuration file from /etc/tr1d1um

...

to set following parameters

"fqdn"             : Fully qualified domain name of server

"server"          : IP Address/DNS to which the service has to listen

"version"        : Current version of the service

"region"          : Region of deployment

"flavor"

Edit the configuration file from /etc/tr1d1um to set following parameters

"fqdn"             : Fully qualified domain name of serverDevelopment, Production etc.

"serveraddress"          : IP Address to which the service has to listen

"version"        : Current version of the service

"region"          : Region of deployment

"flavor"           : Development, Production etc.

"address"       : Under "primary" section, change the value to point to the port where tr1d1um service will listen for incoming requests.

"targetURL"   : Change to IP-Address:Port value where SCYTALE service is running.

: Under "primary" section, change the value to point to the port where tr1d1um service will listen for incoming requests.

"targetURL"   : Change to IP-Address:Port value where SCYTALE service is running.

"authHeader" : Auth token Use the auth token which was generated in previous section.

For https add this section after this https://github.com/xmidt-org/tr1d1um/blob/main/tr1d1um.yaml#L59

tls:

certificates:

 - certificateFile: "/etc/cl-certs/primary-public.pem" keyFile:

"/etc/cl-certs/primary-private.pem"

 minVersion: 771 # 0x0303, the TLS 1.2 version uint16"authHeader" : Auth token Use the auth token which was generated in previous section.

Enable the services at boot-up

...