How to apply changes to the Controller environment
Changes in the installation.yaml can be applied by running the install script or the upgrade script. Note that re-running the install script will delete any information that would have been stored previously.
Required fields in installation.yaml
|
Variable Name
|
Key Value
|
Explanation of the Variable and Key Values
|
controller.name |
String |
This will be the identifier used in the VF Server UI. So, this should be as precise a name as possible, e.g. "UAT Viper" or "Prod App1" |
controller.host |
String |
The controller.host is the address that the vFunction Server address with which the Controller will connect. The value needs to start with http:// or https://. The value can be an IP Address or a FQDN |
controller.org_id
controller.app_id
controller.client_id
controller.client_secret
|
Strings |
Once the Server is installed, the Admin can log into the UI and create the App. In the UI's Install Controller dialog box, the YAML values for the org_id, app_id, client_id and client_secret will be displayed. The values for this YAML file should be copied for the Server UI to here |
controller.type |
String |
"dotnet" |
viper.assemblies |
List of Strings |
Path(s) to the Monolithic Application's directory where the assemblies (DLLs, EXEs, Resource Files) are placed, such as the ..\bin directory |
Sample with required fields in installation.yaml
controller:
name: Prod App1
host: http://10.0.0.143
org_id: 3cf59199-0a0a-0a0a-0a0a-7c63ffac776e
app_id: 7b1ab58d-0a0a-0a0a-0a0a-098a113ad721
client_id: 20761b99-0a0a-0a0a-0a0a-94c2e0bc1859
client_secret: 6b5b7bc1-0a0a-0a0a-0a0a-2bd10db75e2f
type: dotnet
tags:
# - tag1
client_certificate:
crt: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
server_application:
# name:
# include_classes: com.
# allowed_users:
# new_user_default_password:
viper:
assemblies:
- /tmp/vfunction/assemblies/bin
stored_procedure:
# optional db_provider: sqlserver, oracle
# db_provider:
# optional db_connection_string: Server=<IP>;Database=<DB name>;User ID=<ID>;Password=<Password>;Encrypt=False
# db_connection_string:
Optional fields in installation.yaml
controller.client_certificate
| Installation.yaml Configuration |
Details |
controller:
client_certificate:
crt: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
|
- Adding a Client Certificate and Key to the Controller allows for the vFunction Server and Controller to have some form of verification
- The Controller loads and sends the Client Certificates to a Server that verifies the source of the traffic. That Server could be set up as an intermediary that manages token validation, such as an IBM DataPower Gateway, before being sent onto the vFunction Server
- The vFunction Nginx Container could also be configured to "ssl_verify_client on" and point to the Client Certificate which would be loaded on the Nginx Container's filesystem somewhere like /etc/nginx/certs/ca.crt
- Note that the indentation must be maintained when copy-and-pasting the Certificate and Key into the installation.yaml
|
| Installation.yaml Configuration |
Details |
controller:
tags:
- applicationName
- moduleName
|
- Tags can be used during Learning to make sure that Learning occurs on one or all Controllers with a specific Tag. This ensures that, even if a Controller with a specific UUID goes down, Learning will still occur on live Controllers with the desired Tag name
|
server_application.name
| Installation.yaml Configuration |
Details |
server_application:
name: "OMS Dotnet"
|
- Two workflows are available to allow the Agent to communicate with the vFunction Server: (1) Use the UUIDs gathered after creating the vFunction Application in the UI or (2) Create the Application from the Agent itself. The server_application.name is used in the second workflow
- This key must be used in conjunction with the server_application.include_classes, server_application.server_username and server_application.server_password fields
- The value associated with this Key will be the vFunction UI's Application Name
- During the Agent installation process, if these fields are present then the vFunction Application will be created in the vFunction UI
|
server_application.include_classes
| Installation.yaml Configuration |
Details |
server_application:
include_classes: "oms."
|
- Two workflows are available to allow the Agent to communicate with the vFunction Server: (1) Use the UUIDs gathered after creating the vFunction Application in the UI or (2) Create the Application from the Agent itself. The server_application.name is used in the second workflow
- This key must be used in conjunction with the server_application.name, server_application.server_username and server_application.server_password fields
- The value associated with this Key will be the Classes to Include / Namespace / Top-Level Package to be filtered into the vFunction Analysis
- During the Agent installation process, if these fields are present then the vFunction Application will be created in the vFunction UI
|
server_application.allowed_users
| Installation.yaml Configuration |
Details |
server_application:
allowed_users: "name@email.com, name2@email.com"
|
- This allows non-Administrators to access a vFunction Application
- The Key takes a list of comma-separated email addresses
|
server_application.new_user_default_password
| Installation.yaml Configuration |
Details |
server_application:
new_user_default_password: "Password1!"
|
- New users need a one-time password to finish their Account Creation. This allows for the Default New User Password to be created automatically
|
viper.debug_mode
| Installation.yaml Configuration |
Details |
viper:
debug_mode: true
|
- Adds additional logging to the output of the vfviper.log
|
Global.yaml Settings
Overview
The installation.yaml defines the settings for individual instances. The global.yaml defines the settings for all instances in the environment. The settings in the global.yaml are distinct from the settings in the installation.yaml
Location of Global.yaml
- Root / Sudo Installation: /etc/sysconfig/vfunction/installation/global.yaml
- Sudoless Installation: BASE_DIRECTORY/vfunction/etc/sysconfig/vfunction/installation/global.yaml
Optional Global.yaml Settings
agent.use_java_6_or_7_jre
| Global.yaml Configuration |
Details |
agent:
use_java_6_or_7_jre: true
|
- Uncomment this value to change from the default value of "false"to the value "true"
- Setting this value to "true" will allow the installation to use a distinct vFunction Agent version intended for Applications that run on Java 6 or 7
- Leaving this value as "false" or commented out will allow the installation to use the vFunction Agent intended for Applications that run on Java 8, 11 or 17
|
controller.poll_interval_secs
| Global.yaml Configuration |
Details |
controller:
poll_interval_secs: 5
|
- By default, the vFunction Agents attempt to reach the vFunction Server every five seconds with an Alive message. This workflow helps the Server know which Agents are Up. And, the Server's response to this Alive message initiates the Learning process for the Agents
- The polling interval can be increased or decreased as desired
|
controller.upload_interval_secs
| Global.yaml Configuration |
Details |
controller:
upload_interval_secs: 15
|
- By default when in Learning, the vFunction Agent collects all traces from the Application and sends these traces to the vFunction Server every 15 seconds for analysis
- This upload interval can be increased or decreased as desired
|
general.custom_logs_folder
| Global.yaml Configuration |
Details |
general:
custom_logs_folder: /path/to/desired/folder
|
- By default, the vFunction Agent writes logs to (sudo) /var/log/vfunction/instances/$INSTANCE_NAME or (sudoless) $BASE_INSTALL_DIR/vfunction/var/log/vfunction/instances/$INSTANCE_NAME. The logging directory can be changed to a separate location as desired
|
general.sleep_after_service_start
| Global.yaml Configuration |
Details |
general:
sleep_after_service_starts:
|
- This setting is useful for Viper only. After running the installation / upgrade / restart script, the script and / or Service goes to sleep for 1 second by default. Then the Service attempts to connect to the vFunction Server. This setting adjusts the amount of time before the connectivity attempt is made
|
general.sleep_after_service_stop
| Global.yaml Configuration |
Details |
general:
sleep_after_service_stop:
|
- This setting is useful for Viper only. After running the installation / upgrade / restart script, the script and / or Service attempts to confirm that the Service is actually stopped. This setting adjusts the amount of time before the attempt is made to confirm that the Service was actually stopped
|
proxy.http_proxy
| Global.yaml Configuration |
Details |
proxy:
http_proxy:
|
- Ensures that all HTTP outbound requests from the vFunction Agent to the vFunction Server are routed through a proxy
- Formatting should include the protocol and port, e.g. http://proxy.address:2197
|
proxy.https_proxy
| Global.yaml Configuration |
Details |
proxy:
https_proxy:
|
- Ensures that all HTTPS outbound requests from the vFunction Agent to the vFunction Server are routed through a proxy
- Formatting should include the protocol and port, e.g. https://proxy.address:2198
|
proxy.no_proxy
| Global.yaml Configuration |
Details |
general:
no_proxy:
|
- This setting ensures that specific addresses are not routed through the HTTP_PROXY and / or HTTPS_PROXY address. This setting is useful if some traffic, such as to a logging processor, are routed internally rather than through a proxy
|
viper.use_machine_java_for_viper
| Global.yaml Configuration |
Details |
viper:
use_machine_java_for_viper: true
|
- With this value set to "false" or commented out, the vFunction installation installs its own version of Java in order for the Viper process to run
- If uncommented and set to "true", the vFunction installation will use the Java version running on the machine where the installation is run
|