Configuring the installer
Jan 1 2022 at 12:00 AM
Config Structure
- Config
- Defaults
- ServiceDefaults
- ServiceDeployments
Config files, environment name, public certificates
General Configs
These configuration files affect the behavior of the installation application.
File name: GeneralConfig.json
Modify the K8ContextOptions section to point to a Kubernetes config file with the necessary permissions. Alternatively, you can set UseDefaultConfig to true, in which case the installation application will load the Kubernetes configuration file located in the current user’s home directory.
"K8ContextOptions": {
"UseDefaultConfig": false,
"KubeConfigPath": "/some/path/to/kube/config"
},
In the OpenSslCertificateOptions make sure the path to the OpenSSL binary is correct. This is needed to generate the CA for the V-Raptor.
"OpenSslCertificateOptions": {
"OpenSslPath": "/usr/bin/openssl"
}
Checklist
- Kubernetes config file has been specified
- OpenSSL executable path has been set
File name: KubernetesInstallerOptions.json
The table below lists all the available configuration fields.
| Field | Sample Value | Description |
|---|---|---|
| Version | 4.0.21.15 | Specifies the version of the V-Raptor software to deploy |
| GatewayName | vraptor01 | Name of the V-Raptor. This will form part of the Kubernetes namespace |
| RaptorPublicDomain | vraptor01-organisation.commander.io | Domain name that the V-Raptor’s APIs will be accessible on |
| RaptorInternalDomain | organisation | Domain name used internally. This will format part of the Kubernetes namespace |
| StorageClassName | default | Kubernetes storage class used for persistent volume claims |
| CommanderAuthenticationUrl | https://organisation.commander.io/auth | Authentication URL on the Commander tenant that the V-Raptor’s identity service will use for token validation |
| CommanderClientIdSecret | somesecretvalue | Commander “Robot Client” secret |
| CommanderClientId | raptorcli.client | Commander “Robot Client” ID used for username and password authentication passthrough |
| CommanderClientSecret | someseothercretvalue | Commander Single Page Authentication client secret. This is required for access to web applications hosted on the V-Raptor |
| ClientId | vraptor01.client | Commander Single Page Authentication client. This should be set up to allow directs to the V-Raptor |
| UseRoles | true | Should the Raptor make use of Roles managed from Commander for authentication |
| ContainerRepository | iotnxt.azurecr.io | IoTnxt container repository |
| ImagePullSecretName | awsecr-cred | Secret that contains image pull credentials for the chosen container repository |
Below is a minimal configuration file that will result in a functional V-Raptor.
"KubernetesInstallerOptions": {
"Version": "4.0.21.15",
"GatewayName": "vraptor01",
"RaptorPublicDomain": "vraptor01-organisation.commander.io",
"RaptorInternalDomain": "organisation",
"StorageClassName": "raptor4",
"CommanderAuthenticationUrl": "https://organisation.commander.io/auth",
"CommanderClientIdSecret": "someclientsecret",
"CommanderClientId": "somerobot.client",
"CommanderClientSecret": "somerobotsecret",
"ClientId": "vraptor01.client"
}
File name: NamedDeploymentPipelineOptions.json
This config file should not be modified and is for internal use only.
Default Configs
This folder contains the default configuration files described in the Configuration Defaults section. Make use of these files to customise the defaults you need on all V-Raptor services.
Default Config Checklist
- Default security options have been specified in DataProtectionOptions.json
- Default log levels have been set
- Log targets have been configured
- Certificate information and lifetimes have been set
- Config monitor has been enabled/disabled
- Monitor interval has been selected (if used)
- Startup logic has been customised (if needed)
Service Defaults
These configuration files are rolled out with the various backend services. In practice, it is a good idea to fine tune the configs and save them for re-use.
Cloud service defaults
File Name : CloudServiceOptions.json
{
"CloudServiceOptions": {
"CloudConnectionTimeout": 60,
"Communicator": "Rabbit"
}
}
File Name: QueueCredentials.json
The Rabbit queue credentials should be added that point to the RabbitMQ server that will be used for communication with Commander.
{
"DapiRedGreenQueueProxyOptions": {
"Partition": "UNKNOWN.DEFAULT"
},
"GreenQueueOptions": {
"Hosts": [
"queue.host.name"
],
"publicKeyAsXml": "<RSAKeyValue><Exponent>AQAB</Exponent><Modulus>queuekey</Modulus></RSAKeyValue>",
"TraceLogMessages": true,
"RequestedHeartbeatSeconds": 30
},
"RedGreenQueueAdapterOptions": {
"GreenQueueOptions": {
"Hosts": [
"queue.host.name"
],
"publicKeyAsXml": "<RSAKeyValue><Exponent>AQAB</Exponent><Modulus>queuekey</Modulus></RSAKeyValue>",
"TraceLogMessages": true,
"RequestedHeartbeatSeconds": 30
}
}
}
Collector service defaults
While not strictly necessary, these configs can have a large influence on the performance of the V-Raptor depending on the hosting environment.
File Name CollectorServiceOptions.json
General service settings. The salient settings here are the historic processing flag, which can be turned on to prioritise the sending of live of historic telemetry. You can also change the frequency that the V-Raptor will send heartbeats to Commander.
{
"CollectorServiceOptions" : {
"HistoricalProcessing" : false,
"HeartBeatIntervalSecs" : 30
}
}
File Name TelemetryTransmissionOptions.json
This file determines how aggressively the V-Raptor will send live telemetry vs historic telemetry.
{
"TelemetryTransmissionOptions": {
"BoundedCapacity": 100000,
"MaxDegreeOfParallelismTransmitTelemetry": 10000,
"MaxBatchSize": 5000,
"MaxDegreeOfParallelism": 3,
"MaxDbSelectionHistoryPackets": 4000
}
}
File Name : MetaTransmissionOptions.json
You can specify how frequently the V-Raptor may send registrations per gateway in this file. Be careful making this value to small, as this can spam Commander with registrations if a driver is misbehaving.
{
"MetaTransmissionOptions": {
"MinRegistrationIntervalMs": 300000,
}
}
Deployment service defaults
File Name: K8ContextOptions.json
Make sure that the path to the kube config file is where to intend to place it in the container. The example below demonstrates the path in the event this file is placed in the service’s config map (see below).
{
"K8ContextOptions": {
"UseDefaultConfig": false,
"KubeConfigPath": "/data/deployment/Data/Config/kube.config"
}
}
File name kube.config
This file contains the Kubernetes config details required by the deployment agent. It can also be copied into the container after installation should you not want it present in the config map. However, it should be placed in the container’s persistent storage directory if it is not in the config map.
Deployment Service Checklist:
- In-container Kubernetes config file provided
- In-container Kubernetes config path specified
Device Store service defaults
These configs will influence where the V-Raptor fetches driver and service updates.
File Name: NugetPackageApiOptions.json
Leave this file as is. It configures the naming convention used to distinguish between the various package types deployed in the V-Raptor.
{
"DeviceStoreEnvironmentOptions": {
"DeviceUiPackageSuffix": "UI",
"DeviceDeploymentPackageSuffix": "Meta"
}
}
File Name: DeviceStorePackageOptions.json
Specifies the temporary directory where packages are extracted to inside the container. This may not be Tmp as this directory is reserved for other uses.
{
"DeviceStorePackageOptions": {
"TemporaryDownloadDirectory": "Temp",
"AsyncTimeout": 2000
}
}
File Name: NugetPackageApiOptions.json
This configuration file specifies where the V-Raptor will look for driver and service updates.
{
"NugetPackageApiOptions": {
"PackageSourceUrl": "https://community-vraptor.iotnxt.io/drivers/prod/v3/index.json",
"PackageSourceTimeoutMs": 20000,
"Username": "storeuser",
"Password": "storepass",
"IsPasswordCleartext": true,
"AuthenticationTypes": [ "digest" ],
"CertificateSubjectName": "prod.store.signing.cert"
}
}
The username and password should be supplied by the owner of the repository.
File Name: NugetDevicePackageProviderOptions.json
If using multiple upstream stores, the following config file needs to be present.
{
"NugetDevicePackageProviderOptions": {
"PackagesLifetimeMinutes": 1,
"Catalogue": {
"Prod": {
"Priority": 1,
"PackageSourceUrl": "https://community-vraptor.iotnxt.io/drivers/prod/v3/index.json",
"PackageSourceTimeoutMs": 20000,
"Username": "storeuser",
"Password": "storepass",
"IsPasswordCleartext": true,
"AuthenticationTypes": [ "digest" ],
"CertificateSubjectName": "prod.store.signing.cert"
},
"Prototype": {
"Priority": 2,
"PackageSourceUrl": "https://community-vraptor.iotnxt.io/drivers/prototype/v3/index.json",
"PackageSourceTimeoutMs": 20000,
"Username": "storeuser",
"Password": "storepass",
"IsPasswordCleartext": true,
"AuthenticationTypes": [ "digest" ],
"CertificateSubjectName": "prototype.store.signing.cert"
}
}
}
}
To use the above, the following config also needs to be supplied to the device store, as it will default to a single upstream source.
{
"DeviceStoreServiceOptions": {
"PackageProviderType": "MultiNuget"
}
}
Device Store Checklist:
- Upstream source(s) has been configured
- Working directory has been set
- Single or multiple upstream stores selected
Service deployments
These are the templates for service deployments. It is generally not recommended to modify these files, except to change the allocated storage amounts if using persistent storage. If a distributed storage method will be used by a service (e.g. MongoDB), then UsePersistentStorage can be set to false.
"UsePersistentStorage": true,
"StorageAmountBytes": 1e8,
Final Checklist:
- Commander secrets have been created and applied to configs
- Queue credentials have been provided
- Kubernetes config and Openssl path has been configured
- Default configs have been configured
- Service defaults have been added
- Storage amounts have been set