Configuring Properties Common to All Deployments

The administrator can configure properties common to all deployments.

Note: Important! These properties must be updated before running compose.sh.

In the Installer, property files are located at /var/jenkins_home/docker-deploy/properties.

For built and downloaded deployment packages, property files are at folder docker-deploy/properties after the deployment package is extracted.

Here is an example list of contents:

tml-cm-crt.pem
tml-cm-key.pk8
tml-cm.jks
tml-tm.jks
tml_cache_properties.json
tml_cluster_properties.json
tml_cm_properties.json
tml_log_properties.json
tml_nosql_properties.json
tml_papi_properties.json
tml_sql_properties.json
tml_tm_properties.json
tml_zones_properties.json

Keystores, Keys, and Certificates

File	Definition	Note
tml-cm-crt.pem	Certificate used in tml-cm
tml-cm-key.pk8	Key used in tml-cm
tml-cm.jks	Keystore used in tml-cm	tml-cm.jks has tml-cm-crt.pem and tml-cm-key.pk8 stored inside.

Customers should prepare their own key, certificate and keystore to be used in tml-cm.

The built-in key, certificate and keystore should not be used for production.

Refer to the Preparing Keystore for Configuration Manager section in Deploying the Installer.

File	Definition
tml-tm.jks	Keystore used in tml-tm

Customers should prepare their own keystore to be used in tml-tm.

The built-in keystore should not be used for production.

Refer to the Preparing Keystore for Traffic Manager section in Deploying the Installer.

Property Hierarchy

File tml_cluster_properties.json specifies properties common to TIBCO Cloud™ API Management - Local Edition cluster. Here are the default contents:

{
    "mysql_root_pwd": "changeme",
    "mysql_masheryonprem_pwd": "changeme",
    "mysql_mashonpremrepl_pwd": "changeme",
    "mysql_mashclient_pwd": "changeme",
    "mysql_masherybackup_pwd": "changeme",
    "mom_server": "https://api-mom.mashery.com",
    "mom_key": "",
    "mom_secret": ""
}

The administrator can customize all MySQL passwords:

"mysql_root_pwd": "changeme",
"mysql_masheryonprem_pwd": "changeme",
"mysql_mashonpremrepl_pwd": "changeme",
"mysql_mashclient_pwd": "changeme",
"mysql_masherybackup_pwd": "changeme",

The administrator can customize MOM access from API Management - Local Edition cluster in tethered mode:

"mom_server": "https://api-mom.mashery.com",
"mom_key": "",
"mom_secret": ""

Zone-Level Properties

File tml_zones_properties.json specifies properties per zone. Here are the default contents:

[
    {
        "zone_serial": "0",
        "mom_server_proxy_host": "",
        "mom_server_proxy_port": 3128,
        "mom_server_proxy_username": "",
        "mom_server_proxy_password": "",
        "target_server_proxy_host": "",
        "target_server_proxy_port": 3128,
        "no_proxy_pool": ""
    },
    {
        "zone_serial": "1",
        "mom_server_proxy_host": "",
        "mom_server_proxy_port": 3128,
        "mom_server_proxy_username": "",
        "mom_server_proxy_password": "",
        "target_server_proxy_host": "",
        "target_server_proxy_port": 3128,
        "no_proxy_pool": ""
    },
    {
        "zone_serial": "2",
        "mom_server_proxy_host": "",
        "mom_server_proxy_port": 3128,
        "mom_server_proxy_username": "",
        "mom_server_proxy_password": "",
        "target_server_proxy_host": "",
        "target_server_proxy_port": 3128,
        "no_proxy_pool": ""
    }
]

The administrator can customize HTTP Proxy for MOM access per zone:

"mom_server_proxy_host": "",
"mom_server_proxy_port": 3128,
"mom_server_proxy_username": "",
"mom_server_proxy_password": "",

The administrator can customize HTTP Proxy for accessing target servers per zone:

"target_server_proxy_host": "",
"target_server_proxy_port": 3128,
"no_proxy_pool": ""

Note:

Each zone is identified by zone_serial. The customer administrator can tailor the property JSON according the number of zones to which Local Edition cluster will be deployed.

Zone properties for zone whose zone_serial is above the actual number of deployed zones will not be used.

For target servers covered in no_proxy_pool, Local Edition directly calls them without going through HTTP proxy.

REGEX (Regular Expression) can be use in the property value.

Example #1:

Note: Note the backslash for escaping double quote.

"no_proxy_pool":"\"target1.na.tibco.com\",\"target2.na.tibco.com\"",

In this example, if the target server is target1.na.tibco.com or target2.na.tibco.com, HTTP proxy server will be bypassed.

Example #2:

Note: Note the backslash for escaping double quote.

"no_proxy_pool":"\"back.*.na.tibco.com\"",

In this example, back.*.na.tibco.com is a regular expression, it matches back1.na.tibco.com and back2.na.tibco.com.

Platform API Properties

The tml_papi_properties.json file specifies properties for platform API V3.

Here are the default properties:

{
  "sp_config_environment_domain_suffix": "mashery.com",
  "areas_customer_area_name": "tml",
  "localdevadmin_handle": "admin",
  "localdevadmin_password": "Ap1Us3rPasswd",
  "masherytestautomation_handle": "mltestautomation",
  "area_uuids": [
    {
      "area_uuid_name": "areas_customer_area_uuid",
      "area_uuid_value": "41a96952-ab9f-4abe-a2c8-e096c63324db"
    },
    {
      "area_uuid_name": "areas_mashery_internal_area_uuid",
      "area_uuid_value": "23b1c970-dcb5-4fe5-8e01-1a1fcf957cc4"
    },
    {
      "area_uuid_name": "areas_mashery_area_uuid",
      "area_uuid_value": "2014f1e7-1dd6-496b-b9bf-1c4b58bf7332"
    },
    {
      "area_uuid_name": "areas_solutions_area_uuid",
      "area_uuid_value": "02bcdfbc-47d0-4951-b3b1-60c5adc3762f"
    }
  ],
  "package_keys": [
    {
      "package_key_name": "your_api_key_for_v3_api",
      "package_key_value": "7wevdpn289e9v4k6g5ndqu6c"
    },
    {
      "package_key_name": "package_key_mapi_222ux5v3ydj6qqptk2y733xa_value",
      "package_key_value": "ajajruzw7hrpaguddnt3r2mq"
    },
    {
      "package_key_name": "package_key_mapi_4ayzfcn742zspfmu6jv48htv_value",
      "package_key_value": "87dgm9vxgwapynf68xk2cjcm"
    },
    {
      "package_key_name": "package_key_mapi_4ngdrf2tg62gvgsq7z9fd2f7_value",
      "package_key_value": "2z33rwdddxhndhz7csu566bk"
    },
    {
      "package_key_name": "package_key_mapi_gauhqskrkf4qzuv92esqht6a_value",
      "package_key_value": "d2779hcqjsw2fda445bsr36z"
    },
    {
      "package_key_name": "package_key_mapi_gtgkmxq8nnz9ajy86xtr9z4e_value",
      "package_key_value": "ddk3c6btngm39vgckqd3kq4t"
    },
    {
      "package_key_name": "package_key_mapi_qqky3473rqptpsrsvjdcm6ah_value",
      "package_key_value": "kyjyn5ystz3f3f7tnep6g79y"
    }
  ],
  "package_secrets": [
    {
      "package_secret_name": "your_secret_for_v3_api",
      "package_secret_value": "nbk27dsyrU"
    },
    {
      "package_secret_name": "package_key_mapi_222ux5v3ydj6qqptk2y733xa_secret",
      "package_secret_value": "3hw2BKbAfx"
    },
    {
      "package_secret_name": "package_key_mapi_4ayzfcn742zspfmu6jv48htv_secret",
      "package_secret_value": "kHnrJ6v4xw"
    },
    {
      "package_secret_name": "package_key_mapi_4ngdrf2tg62gvgsq7z9fd2f7_secret",
      "package_secret_value": "jqYwS5twav"
    },
    {
      "package_secret_name": "package_key_mapi_gauhqskrkf4qzuv92esqht6a_secret",
      "package_secret_value": "RkSEpu3N5w"
    },
    {
      "package_secret_name": "package_key_mapi_gtgkmxq8nnz9ajy86xtr9z4e_secret",
      "package_secret_value": "nXxaYcSCgz"
    },
    {
      "package_secret_name": "package_key_mapi_qqky3473rqptpsrsvjdcm6ah_secret",
      "package_secret_value": "Akj8Q645jN"
    }
  ]
}

Note: Do not customize the following properties during initial deployment:

localdevadmin_handle
localdevadmin_password
masherytestautomation_handle

The localdevadmin_password can be changed after initial deployment. To change the default password, see Changing the Default Admin Password using the Developer Portal.

For customization, see Update Platform API Properties section in Deploying the TIBCO Cloud™ API Management - Local Edition Cluster.

Changing the Default Admin Password using the Developer Portal

The localdevadmin_password property should not be changed from the tml_papi_properties.json file. Even if the password is changed in this file to a different value, the change will not be effective in the running cluster.

To change the default password:

Log in to the Developer Portal at https://<CM_EXTERNAL_IP>:8443/; in case of quick start, use https://localhost:10443/ using the default user name and password.
Click on the User menu > Profile, Update profile > Change password.
Change the password for the logged-in user.
Save the changes.

Properties per Container Type

The following property files specify property per container type:

tml_cache_properties.json
tml_cm_properties.json
tml_log_properties.json
tml_nosql_properties.json
tml_papi_properties.json
tml_sql_properties.json
tml_tm_properties.json

tml_tm_properties.json

Name	Default Value	Comments
auto_binding	ON	When turned ON, sql, cache and logservice URLs will be auto-discovered and bound to the Local Edition component.
http_conn_manager_max_total	256	Caps the maximum supported backend client connections at any given time.
jetty_acceptqueuesize	10 (256 in code)	Jetty Queue size.
jetty_maxidletime	18000 (30000 in code)	Jetty Maximum Idle time.
jetty_pool_maxthreads	500 (500 in code)	Maximum number of jetty threads to be running
logserviceURL	log-set-0-0.log-svc-0.default.svc.cluster.local	Logservice URL is used to communicate with logservice component which processes the Traffic Manager logs.
mail_protocol	smtp	TCP/IP protocol used in sending and receiving e-mail.
mail_smtp_host		The SMTP server to connect to.
mail_smtp_password		Password to connect to SMTP.
mail_smtp_port	25	The SMTP server port to connect to, if the connect() method doesn't explicitly specify one.
mail_smtp_user		Default user name for SMTP.
mail_smtps_host		The SMTPS server to connect to.
mail_smtps_password		Password to connect to SMTPS.
mail_smtps_port	465	The SMTPS server port to connect to, if the connect() method doesn't explicitly specify one.
mail_smtps_user		Default user name for SMTPS.
max_uri_len_for_accesslog	2048	Limits the maximum length of URI data being written to the access log.
java_security_negative_cache_lookups	0	Specified in java.security to indicate the caching policy for unsuccessful name lookups from the name service. The value is specified as an integer to indicate the number of seconds to cache the failure for unsuccessful lookups.
java_security_cache_lookups	0	Specified in java.security to indicate the caching policy for successful name lookups from the name service. The value is specified as an integer to indicate the number of seconds to cache the successful lookup.
nosqlURL	cass-set-0.cass-svc.default.svc.cluster.local	NoSQL URL is used to communicate with registry service.
oauth_http_enabled	TRUE	OAuth HTTP is enabled by default.
oauth_http_port	9083	HTTP port for OAuth.
oauth_https_enabled	TRUE	OAuth HTTPS is enabled by default.
oauth_https_port	8083	HTTPS port for OAuth.
sqlURL	mysql-set-0.mysql-svc.default.svc.cluster.local	SQL URL is used to communicate with the SQL component to get the data.
vmargs	"-d64 \n-Xmx1024m"	VM arguments that typically change the behavior of the Java Virtual Machine (JVM). The Xmx argument allows the Java heap to grow.
use_system_time	true	Use this property for better scalability.

tml_cm_properties.json

Name	Default Value	Comment
auto-binding	ON	When turned ON, logservice URLs will be auto-discovered and bound to the Local Edition cluster component.
domain_notification_from	noreply@mashery.com
domain_notification_recipient	papi@mashery.com
http_conn_manager_max_total	1000	Sets the maximum supported backend client connections at any given time.
jetty_acceptqueuesize	256	Jetty Queue size
jetty_pool_maxthreads	500	Maximum number of Jetty threads to be running
logserviceURL	log-set-0-0.log-svc-0.default.svc.cluster.local	Logservice URL to connect to for processing the logs.
max_endpoints_per_service_created	600	Maximum endpoints in a service that can be created.
max_services_created	600	Maximum services that can be created.
max_uri_len_for_accesslog	2048	This property is used to limit the maximum length of uri data being written to the access log.
smtp_host		The SMTP server to connect to for portal notifications.
smtp_port	25	The SMTP server port to connect to, if the connect () method doesn't explicitly specify one.
smtp_useTls	False	Indicates if the STARTTLS command be used to initiate a TLS-secured connection to the smtp service
smtp_user		Default user name for SMTP
smtp_password		Password to connect to SMTP
domain_notification_from	noreply@mashery.com	Email address of the account from which email is sent by the system.
domain_notification_recipient	papi@mashery.com

tml_sql_properties.json

Name	Default Value	Comment
api_Key		The API key needed to connect to MOM HOST in Local Edition.
api_Secret		The API password needed to connect to MOM HOST in Local Edition.
auto_binding	ON	When turned ON, logservice URLs will be auto-discovered and bound to the Local Editioncomponent.
data_directory	/var/lib/mysql	The path to the MySQL data directory. Only the last component of the path name is created if it does not exist; the parent directory must already exist or an error occurs.
dimdataLogServiceURL	log-set-0-0.log-svc-0.default.svc.cluster.local
expire_logs_days	30	Specifies the number of days before automatic removal of binary log files.
innodb_buffer_pool_size	128M	The size in bytes of the buffer pool, the memory area where InnoDB caches table and index data.
key_buffer_size	16M	The size of the buffer used for index blocks. The key buffer is also known as the key cache.
mysql_bin	mysql-bin	Specifies the base name to use for binary log files.
mysql_log_error	/var/log/mysqld.log	Option to determine whether the default error log destination is the console or a file, and, if a file, the file name.
mysql_log_error_verbosity	1	The verbosity for handling events intended for the error log, as filtered by the log_filter_internal error log filter component, which is enabled by default.
logserviceURL	log-set-0.log-svc.default.svc.cluster.local	Logservice URL to connect to process the logs.
max_allowed_packet	16777216	Maximum packet length to send to or receive from server.
max_binlog_size	1073741824	If a write to the binary log causes the current log file size to exceed the value of this variable, the server rotates the binary logs (closes the current file and opens the next one). The minimum value is 4096 bytes. The maximum and default value is 1GB.
mom_host	https://api-mom.mashery.com	MOM host to connect to sync data from Local Edition.
mom_connect_timeout	30000	Sets a specified timeout value, in milliseconds, to be used when opening a communications link to MOM referenced by a URLConnection.
mom_read_timeout	120000	Sets the read timeout to MOM URL to a specified timeout, in milliseconds. A non-zero value specifies the timeout when reading from Input stream when a connection is established to MOM. If the timeout expires before there is data available for read, a java.net.SocketTimeoutException is raised.
plugin_load	validate_password.so	This option tells the server to load the named plugins at startup. If multiple `--plugin-load` options are given, only the last one is used.
query_cache_size	8M	This system variable was removed in MySQL 8.0.3.
server_id	1234567890	Specifies the server ID. This variable is set by the `--server-id` option. The `server_id` system variable is set to 1 by default. The server can be started with this default ID, but when binary logging is enabled, an informational message is issued if you did not specify a server ID explicitly using the `--server-id`option.
service_sync_interval_minutes	15	Service sync interval to sync service configurations with MOM.
developer_sync_interval_minutes	15	Developer sync interval to sync developer configurations with MOM.
table_open_cache	1000	The number of open tables for all threads. Increasing this value increases the number of file descriptors that mysqld requires.

tml_cache_properties.json

Name	Default Value	Comments
auto_binding	ON	When turned ON, SQL and logservice URLs are auto-discovered and bound to the Local Edition component.
content_cachesize	384	Cache size for memcached Content Pool
content_maxconn	10240	Max connection for memcached Content Pool
content_options	-o modern	Options for memcached Content Pool
content_port	11213	Port for memcached Content Pool
content_user	nobody	User for memcached Content Pool
count_cachesize	256	Cache size for memcached Count Pool
count_maxconn	10240	Max connection for memcached Count Pool
count_options	-o modern	Options for memcached Count Pool
count_port	11212	Port for memcached Count Pool
count_user	nobody	User for memcached Count Pool memcache
logserviceURL	log-set-0.log-svc.default.svc.cluster.local	Logservice URL to connect to process the logs.
mem_cachesize	384	Cache size for memcached Pool
mem_maxconn	10240	Max connection for memcached Pool
mem_options	-o modern	Options for memcached Pool
mem_port	11211	Port for memcached Pool
mem_user	nobody	User for memcached Pool
packager_cachesize	128	Cache size for memcached Packager Pool
packager_maxconn	10240	Max connection for memcached Packager Pool
packager_options	-o modern	Options for memcached Packager Pool
packager_port	11215	Port for memcached Packager Pool
packager_user	nobody	User for memcached Packager Pool
services_cachesize	128	Cache size for memcached Service Pool
services_maxconn	10240	Max connection for memcached Service Pool
services_options	-o modern	Options for memcached Service Pool
services_port	11214	Port for memcached Service Pool
services_user	nobody	User for memcached Service Pool
sqlURL	mysql-set-0.mysql-svc.default.svc.cluster.local	MYSQL URL to connect to load data from
updateddevclass	10	Sync developer classes updated in the last X minutes. X is the value of this property.
updatedhttpsclientsecurity	30	Sync https client security information updated in the last X minutes. X is the value of this property.
updatedmapi	10	Sync mapis updated in the last X minutes. X is the value of this property.
updatedpackager	30	Sync packagers updated in the last X minutes. X is the value of this property.
updatedservice	10	Sync services updated in the last X minutes. X is the value of this property.

tml_log_properties.json

Name	Default Value	Comments
api_key		Only needed for "Tethered" setup.
api_secret		Only needed for "Tethered" setup.
td_agent_output_channelType	DEFAULT (always enabled)	Set this property if you need to send access logs to other destinations. Accepted values are DEFAULT, ELASTICSEARCH, KAFKA, HTTP and TCP. Changing to anything other than DEFAULT requires additional properties: Property Name / Default Value td_agent_out_elasticsearch_host / NULL td_agent_out_elasticsearch_port / NULL td_agent_out_elasticsearch_index / $ {TAG} td_agent_out_http_URI / NULL td_agent_out_kafka_brokers / NULL td_agent_out_kafka_topic / ${TAG} td_agent_out_tcp_host / NULL td_agent_out_tcp_port / NULL
mom_host	https://api-mom.mashery.com	Only needed for "Tethered" setup.

tml_nosql_properties.json

Name	Default Value	Comment
auto_binding	ON	When turned ON, logservice URLs are auto-discovered and bound to the Local Edition component.
logserviceURL	log-set-0.log-svc.default.svc.cluster.local	Logservice URL to connect to process the logs.

Contents

Index