Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 61 Next »

This is the most important configuration file in Insights product. It is required to run WAR file, Platform engine jar as well as Report jar. It is important to keep the server-config.json updated with the latest changes. Find the various components of server-config.json on this page.

Introduction :

This is most important file in Insights Application which contain all necessary configuration to run product

Configuration from UI :

  1. Go to section Configuration –> server configuration

  2. Update all value and save the record

  3. check mandatory field in Mandatory Fields/Sections mentioned below

 Sample Server Config Json file

server-config.json file is present at "%INSIGHTS_HOME%"\.InSights environment variable path location.

Sample Server Config Json file

{
	"vault": {
		"isVaultEnable": false,
		"vaultEndPoint": "http://localhost:8200/v1",
		"secretEngine": "",
		"vaultToken": ""
	},
	"grafana": {
		"grafanaEndpoint": "http://localhost:3000",
		"grafanaDBEndpoint": "jdbc:postgresql://localhost:5432/grafana",
		"adminUserName": "",
		"adminUserPassword": ""
	},
	"trustedHosts": [
		"localhost"
	],
	"graph": {
		"endpoint": "http://localhost:7474",
		"authToken": "",
		"boltEndPoint": "bolt://localhost:7687",
		"maxIdleConnections": 25,
		"logQueryIfProcessingTimeGreaterThanInMS": 5
	},
	"postgre": {
		"userName": "",
		"password": "",
		"insightsDBUrl": "jdbc:postgresql://localhost:5432/insight",
		"grafanaDBUrl": "jdbc:postgresql://localhost:5432/grafana",
		"c3pMinSize": "9",
		"c3pMaxSize": "25",
		"c3pTimout": "1800",
		"c3pMaxStatements": "300"
	},
	"messageQueue": {
		"host": "localhost",
		"port": 5672,
		"user": "",
		"password": "",
		"prefetchCount": 5,
		"enableDeadLetterExchange":false
	},
	"agentDetails": {
		"isOnlineRegistration": true,
		"onlineRegistrationMode": "nexus",
		"browseRepoUrl": "https://infra.cogdevops.com/service/rest/repository/browse/docroot/insights_install/release",
		"downloadRepoUrl": "https://infra.cogdevops.com/repository/docroot/insights_install/release",
		"nexusUserName": "",
		"nexusPassword": "",
		"docrootUrl": "https://platform.cogdevops.com//insights_install/release",
		"offlineAgentPath": "C:\\InSights_Windows\\Agents\\offlineAgent",
		"unzipPath": "C:\\InSights_Windows\\Agents\\PlatformAgents\\unzip",
		"agentExchange": "iAgent",
		"agentPkgQueue": "INSIGHTS.AGENTS.PACKAGE"
	},
	"endpointData": {
		"elasticSearchEndpoint": "http://localhost:9200"
	},
	"queryCache": {
		"esCacheIndex": "neo4j-cached-results/querycacheresult"
	},
	"assessmentReport": {
		"outputDatasource": "NEO4J",
		"maxWorkflowRetries": 3,
		"fusionExportAPIUrl": "http://localhost:1337/api/v2.0/export"
	},
	"workflowDetails": {
		"corePoolSize": 8,
		"maximumPoolSize": 20,
		"keepAliveTime": 20,
		"waitingQueueSize": 10,
		"workflowExecutorCron": "1 0 0 * * ?",
		"workflowRetryExecutorCron": "0 0 */4 ? * *"
	},
	"emailConfiguration": {
		"sendEmailEnabled": false,
		"smtpHostServer": "",
		"smtpPort": "",
		"smtpUserName": "",
		"smtpPassword": "",
		"isAuthRequired": true,
		"smtpStarttlsEnable": true,
		"mailFrom": "onedevops@cogdevops.com",
		"subject": "Health Status - {TimeOfReportGeneration}",
		"systemNotificationSubscriber": ""
	},
	"correlations": {
		"correlationWindow": 48,
		"correlationFrequency": 3,
		"batchSize": 2000
	},
	"schedulerConfigInMin": {
		"auditEngineInterval": 60,
		"webhookEngineInterval": 10,
		"engineAggregatorModuleInterval": 10,
		"engineCorrelatorModuleInterval": 60,
		"offlineDataProcessingExecutorInterval": 10,
		"dataArchivalEngineInterval": 240
	},
	"singleSignOnConfig": {
		"entityId": "",
		"appId": "",
		"metadataUrl": "",
		"metdataFilePath": "",
		"keyStoreFilePath": "C:\\InSights_Windows\\Server2\\INSIGHTS_HOME\\.InSights\\saml-keystore.jks",
		"keyAlias": "",
		"keyPass": "",
		"keyStorePass": "",
		"appBaseUrl": "baseURL",
		"relayStateUrl": "relayStateUrl",
		"defaultTargetUrl": "defaultTargetUrl",
		"postLogoutURL": "logoutURL",
		"tokenSigningKey": "insights_IDP_CogDevops_SSO_Token_string",
		"servicePrincipalKerberos": "",
		"keyTabLocationKerberos": "C:\\InSights_Windows\\Server2\\INSIGHTS_HOME\\.InSights\\kerberos_keytab_file.keytab"
	},
	"mlConfiguration": {
		"h2oEndpoint": ""
	},
	"webhookEngine": {
		"enableWebHookEngine": false,
		"eventProcessingWindowInMin": 60
	},
	"insightsServiceURL": "http://localhost:8080",
	"insightsTimeZone": "UTC",
	"refreshTime": "Jan 22, 2017 5:04:25 PM",
	"enableOnlineDatatagging": false,
	"enableAuditEngine": false,
	"enableDataArchivalEngine": false,
	"autheticationProtocol": "NativeGrafana",
	"pdfkey": "",
	"applicationLogLevel": {
		"updateLevelTransitiveDependency": false,
		"serviceLogLevel": {
			"PlatformService": "DEBUG",
			"PlatformEngine": "DEBUG",
			"PlatformReport": "DEBUG",
			"PlatformRegressionTest": "DEBUG"
		}
	},
	"proxyConfiguration":{
		"isEnableProxy":false,
		"proxyHost":"",
		"proxyPort":0,
		"proxyUsername":"",
		"proxyPassword":""
	
	}
}
 Mandatory Fields/Sections
    "vault": {
		"isVaultEnable": false,
	},
	"grafana": {
		"grafanaEndpoint": "http://localhost:3000",
		"grafanaDBEndpoint": "jdbc:postgresql://localhost:5432/grafana",
		"adminUserName": "",
		"adminUserPassword": ""
	},
	"trustedHosts": [
		"localhost",
		"http://localhost:8080"
	],
	"graph": {
		"endpoint": "http://localhost:7474",
		"authToken": "",
		"boltEndPoint": "bolt://localhost:7687",
	},
	"postgre": {
		"userName": "",
		"password": "",
		"insightsDBUrl": "jdbc:postgresql://localhost:5432/insight",
		"grafanaDBUrl": "jdbc:postgresql://localhost:5432/grafana",
	},
	"messageQueue": {
		"host": "localhost",
		"user": "",
		"password": "",
	},
	"singleSignOnConfig": {
		"tokenSigningKey": "insights_IDP_CogDevops_SSO_Token_string",
	},
	"autheticationProtocol": "NativeGrafana",
	"insightsServiceURL": "http://localhost:8080"

 Server Config configuration with Vault

Installing fresh Insights application

  • Configure Vault with Storage Engine as PostgreSQL, all configuration steps mention in Vault Configuration with PostgreSQL DB

  • Add following minimum configuration inside Insights INSIGHTS_HOME\.InSights\server-config.json

    {
                    "vault": {
                                    "isVaultEnable": true,
                                    "vaultEndPoint": "http://10.10.90.42:8200/v1",
                                    "secretEngine": "database-insights",
                                    "vaultToken": "<vault root token>"
                    },
                    "grafana":{
                                    "grafanaEndpoint":"http://localhost:3000"
                    },
                    "trustedHosts":[
                                    "localhost"
                    ]
    }

  • Make sure that isVaultEnable = true with correct vault token, Vault is started and unsealed

  • Start Tomcat application

  • Login Insights UI with basic grafana credential using user ‘admin’ most probably password is ‘admin’

  • On successful login, It will load server configuration on UI, do the respective changes

  • Save the changes, It will store all your configuration in vault in encrypted format

  • If you want to edit any field in server configuration then use Insights UI

  • With Native Grafana authentication there is no need to restart tomcat, it automatically loads server config changes.

  • In case of SSO, initial login will be with initial grafana credential, do respective changes and restart tomcat.

Upgrade Insights Application to Vault

  • Configure Vault with Storage Engine as “PostgreSQL” all configuration steps mention in Vault Configuration with PostgreSQL DB

  • Backup your existing server config json file

  • Add following minimum configuration inside Insights INSIGHTS_HOME\.InSights\server-config.json

    {
                    "vault": {
                                    "isVaultEnable": true,
                                    "vaultEndPoint": "http://10.10.90.42:8200/v1",
                                    "secretEngine": "database-insights",
                                    "vaultToken": "<vault root token>"
                    },
                    "grafana":{
                                    "grafanaEndpoint":"http://localhost:3000"
                    },
                    "trustedHosts":[
                                    "localhost"
                    ]
    }
  • Make sure that isVaultEnable = true with correct vault token, Vault is started and unsealed

  • Start Tomcat application

  • Login Insights UI with basic grafana credential using user ‘admin’ most probably password is ‘admin’

  • On successful login, It will load server configuration on UI, do the respective changes copy detail from your backup server config

  • Save the changes, It will store all your configuration in vault in encrypted format

  • If you want to edit any field in server configuration then use Insights UI

  • With Native Grafana authentication there is no need to restart tomcat, it automatically loads server config changes.

  • In case of SSO, initial login will be with initial grafana credential, do respective changes and restart tomcat.

Upgrade Agent Changes with Vault

If existing application have agent configured with vault then it is mandatory to upgrade it using following steps

  • Login to Insights UI , go to Agent Configuration

  • Changes Agent version >= 7.3

  • Update all your secret again so that it will store in new vault  

  • Restart agent

  • New Agent Registration will affect with these changes

 Server Config configuration without Vault

Installing fresh Insights application

  • Either configuration start with minimum configuration mention below

    {
                    "vault": {
                                    "isVaultEnable": false,
                                    "vaultEndPoint": "",
                                    "secretEngine": "",
                                    "vaultToken": ""
                    },
                    "grafana":{
                                    "grafanaEndpoint":"http://localhost:3000"
                    },
                    "trustedHosts":[
                                    "localhost"
                    ]
    }

  • Start Tomcat application

  • Login Insights UI with basic grafana credential using user ‘admin’ most probably password is ‘admin’

  • On successful login, It will load server configuration on UI, do the respective changes

  • Server config changes store in file system with unencrypted format

  • With Native Grafana authentication there is no need to restart tomcat, it automatically loads server config changes.

  • In case of SSO, initial login will be with initial grafana credential, do respective changes and restart tomcat.

Another way is to configure server config directly on file system INSIGHTS_HOME\.InSights\server-config.json and restart tomcat and other services

 Components of server-config.json

Component

Significance

"endpointData": {
"elasticSearchEndpoint": "http://localhost:9200"
}

  • endpointData - It has the configuration for Elaticsearch database.

    • elasticSearchEndpoint - It is the server path, where Elasticsearch database is hosted.

"graph":{
"endpoint":"http://localhost:7474",
"authToken":"",
"boltEndPoint":"bolt://localhost:7687",
"maxIdleConnections":25
}

  • graph - This section refers to Neo4j database configurations.

    • endpoint - It is the server/hostname where Neo4j is hosted.

    • authToken - It is token for Neo4j authentication.

    • boltEndPoint - Its Neo4j boltEndPoint

    • maxIdleConnections - Maximum connection use for Neo4j (use only with java Neo4j driver)

"grafana": {
"grafanaEndpoint": "http://localhost:3000",
"grafanaDBEndpoint": "jdbc:postgresql://localhost:5432/grafana",
"adminUserName": "admin",
"adminUserPassword": "admin",
"dbUserName": "user",
"dbPassword": "password"
}

  • grafana - It contains the details of Grafana.

    • grafanaEndpoint - It is the web server location where Grafana is hosted.

    • grafanaDBEndpoint - It's the configuration to connect PostgreSQL database.

    • adminUserName - It is the username of admin for Grafana.

    • adminUserPassword - It is the corresponding password for the username of admin for Grafana.

    • dbUserName - It is the username to log intoPostgreSQL.

    • dbUserName - It is the corresponding password for the username to log into PostgreSQL.

"postgre": {
"userName" : "user",
"password" : "password",
"insightsDBUrl": "jdbc:postgresql://127.0.0.1:5432/insight",
"grafanaDBUrl": "jdbc:postgresql://127.0.0.1:5432/grafana"
}

  • postgre - This module has the configurations for PostgreSQL

    • userName - It is the username to log into PostgreSQL

    • password - It is the corresponding password for the username to log into PostgreSQL.

    • insightsDBUrl - It is the JDBC connectivity URL of Insights data storage index, which stores information related to Insights Application.

    • grafanaDBUrl - It is the JDBC connectivity URL of Grafana data storage index, which stores information related to Grafana.

"messageQueue": {
"host": "localhost",
"port": 5672,
"user": "",
"password": "",
"prefetchCount": 5,
"enableDeadLetterExchange":false

}

  • messageQueue - These are the configurations related to RabbitMQ server.

    • host - It is the host location at which RabbitMQ is running.

    • user - It is username to log into RabbitMQ application.

    • port - port of RabbitMQ application, If not defined then application connect to default port 5672

    • password - It is the corresponding password for the username to log into RabbitMQ application.

    • prefetchCount - It is to control the number of files consumed by the Insights Engine.The value should be calculated based on number of messages and system configuration.

    • enableDeadLetterExchange - If true then this will enable DeadLetterExchange for RabbitMq, make sure that it enabled in Agent Daemon also


"agentDetails": {

"isOnlineRegistration":true,
"onlineRegistrationMode":"nexus",
"browseRepoUrl":"https://infra.cogdevops.com/service/rest/repository/browse/docroot/insights_install/release",
"downloadRepoUrl":"https://infra.cogdevops.com/repository/docroot/insights_install/release,
"nexusUserName":"",
"nexusPassword":"",
"docrootUrl":"https://platform.cogdevops.com//insights_install/release",
"offlineAgentPath":"D:\Project\Insights\InSights_Windows\Agents\offlineAgent",
"unzipPath":"D:\Project\Insights\InSights_Windows\Agents\PlatformAgents\unzip",
"agentExchange":"iAgent",
"agentPkgQueue":"INSIGHTS.AGENTS.PACKAGE"

}

  • agentDetails - These are the configurations needed to setup agents in Insights Application.

    • isOnlineRegistration : This property is used to decide mode of agent registration online or offline

    • onlineRegistrationMode : It is server from where you are downloading Agent package nexus or docroot, After 7.0 we migrated all package on nexus.

    • browseRepoUrl - use browse agent package in online mode

    • downloadRepoUrl - use to download agent package in online mode

    • docrootUrl - It is the location from which agent would be downloaded in a zip file.

    • unzipPath - It is the local system path where the downloaded zip file would be extracted.

    • agentExchange - It is the channel where agent related data exchanges will take place.

    • agentPkgQueue - It is the queue name where all the various agents will be queued. This is use by daemon agent for connnection

"queryCache": 
{
     "esCacheIndex": "neo4j-cached-results-custom"
}

  • queryCache - This configuration helps us to set custom Neo4j data source's query caching index in Elasticsearch.
    esCacheIndex - It is the custom index of Elaticsearch where cache results will be stored.

  • For more detail check Query Caching

"insightsServiceURL": "https://localhost:8080"

  • insightsServiceURL - It is the web server host and port where "PlatformService.war" file is deployed and run.

"insightsTimeZone": "US/Central"

  • insightsTimeZone - It is the local timezone of the country/place.

"enableOnlineDatatagging": true

  • enableOnlineDatatagging - This property is required to enable/disable Business Mapping on data.

"enableOnlineBackup": true

  • enableOnlineBackup - This property is required to enable the backup when the Engine is running.

"autheticationProtocol":"NativeGrafana"

  • autheticationProtocol- This property is used to set particular authentication protocol . For Native Grafana use "NativeGrafana", For SAML use "SAML"

"emailConfiguration": {
"sendEmailEnabled": false,
"smtpHostServer": "",
"smtpPort": "",
"smtpUserName": "",
"smtpPassword": "",
"isAuthRequired": true,
"smtpStarttlsEnable": true,
"mailFrom": "onedevops@cogdevops.com",
"mailTo": "",
"subject": "Health Status - {TimeOfReportGeneration}",
"emailBody": "Hi Team, Attaching the report File",
"systemNotificationSubscriber": ""
}

This section use to configure Email

  • sendEmailEnabled : if true then Email functionality enabled

  • smtpHostServer : SMTP server Host

  • smtpPort : SMTP server port

  • smtpUserName : SMTP username Detail

  • smtpPassword : SMTP username

  • isAuthRequired : if true then SMTP authentication enable

  • smtpStarttlsEnable : SMTP ttl enable

  • mailFrom : Mail from email id

  • mailTo : No need to configure, configure it from UI like Report Management

  • emailBody : This is aonly use for Health check Naotification page

  • systemNotificationSubscriber : Only use for Health check Notification messages

"singleSignOnConfig": {
"entityId": "",
"appId": "",
"metadataUrl": "",
"metdataFilePath": "",
"keyStoreFilePath": "C:\InSights_Windows\Server2\INSIGHTS_HOME\.InSights\saml-keystore.jks",
"keyAlias": "",
"keyPass": "",
"keyStorePass": "",
"appBaseUrl": "baseURL",
"relayStateUrl": "relayStateUrl",
"defaultTargetUrl": "defaultTargetUrl",
"postLogoutURL": "logoutURL",
"tokenSigningKey": "insights_IDP_CogDevops_SSO_Token_string",
"servicePrincipalKerberos": "",
"keyTabLocationKerberos": "C:\InSights_Windows\Server2\INSIGHTS_HOME\.InSights\kerberos_keytab_file.keytab"
}

  • entityId: Identifier (Entity ID) for your SMAL configuration

  • appId:copy app id from App Federation Metadata Url

  • metadataUrl:App Federation Metadata Url

  • metdataFilePath :Download SAML Signing Certificate from sso provider site and store it in INSIGHTS_HOME

  • keyStoreFilePath:path of certificae like saml-keystore.jks, Download this certificate from your sso provider URL

  • keyAlias :saml-keystore.jks username

  • keyPass :saml-keystore.jks password

  • keyStorePass :saml-keystore.jks password

  • appBaseUrl :Application service Host URL, Example <https://<HostOrDomainName>/PlatformService>

  • relayStateUrl :SSO login UI page URL, Example <https://<HostOrDomainName>/app/#/ssologin>

  • defaultTargetUrl :Application user authenticate url, Example <https://<HostOrDomainName>/user/authenticate>

  • postLogoutURL :SAML or SSO provider logout URL, Example value https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0

  • tokenSigningKey :This is use as secrete key to sign JWT token,It should be 128 character ,Example value:"insights_IDP_CogDevops_SSO_Token_string"

  • servicePrincipalKerberos: Use during Kerberos Authentication protocol for service Principal Kerberos

  • keyTabLocationKerberos: Use during Kerberos Authentication protocol for Keytab location

"assessmentReport": {
"outputDatasource": "NEO4J",
"maxWorkflowRetries": 3,
"fusionExportAPIUrl": "http://localhost:1337/api/v2.0/export"
}

This functionality user for Reporting feature

  • outputDatasource : Datasouce for KPI query execution

  • maxWorkflowRetries : No of retires for Report execution if not executed correctly

  • fusionExportAPIUrl : User for Fusion Report



Top Section

  • No labels