Management API (Platform Manager)

About the Platform Manager

Platform Manager is used to administer the Axual platform. It is used to perform tasks like:

  • Apply topic configuration

  • Allow producer/consumer to access a topic

  • Synchronize Instance

Vault Namespace

If you are using HashiCorp Vault Enterprise with namespaces to organize your secrets, you need to update the Platform Manager deployment with a reference to the namespace.

Configure Platform Manager with Vault Namespace

Using Axual CLI

Add or modify the following configuration in the Platform Manager config file.

platform-config/clusters/{cluster-name}/mgmt-api.sh
# Define which Vault namespace to use
# This is optional
MGMT_VAULT_NAMESPACE="[NAMESPACE]"

Using Axual Helm Charts

Edit the values.yaml file in your working directory with the namespace you want to use.

#Update NAMESPACE for your vault
mgmt:
  api:
    axual:
      vault:
        namespace: [NAMESPACE] # Vault Enterprise Namespace

Authentication Methods

The authentication methods offered by the platform are set through the Platform Manager configuration. By default, SSL is the only supported authentication method. The sections below describe how to support additional authentication methods (e.g. SASL_SCRAM_256) for applications connecting to the platform.

Enabling additional authentication methods

From 2022.3, Platform Manager supports SSL connections by default.
SCRAM_SHA_256, SCRAM_SHA_512, and OAUTH_BEARER are available only after their support is enabled on the broker level.

Using Axual CLI

Add or modify the following configuration in the Platform Manager config file.

platform-config/clusters/{cluster-name}/mgmt-api.sh
# Define which authentication methods are available on the Self-Service portal
MGMT_API_AVAILABLE_AUTH_METHODS="'SSL, SCRAM_SHA_256, SCRAM_SHA_512'"
Be sure to wrap the MGMT_API_AVAILABLE_AUTH_METHODS value in single quotes.

Using Axual Helm Charts

Edit the values.yaml for your management stack and add the following configuration.

OAUTH_BEARER is available only after its support is enabled on the broker level.
This authentication method is only available with Axual Helm Charts

mgmt:
  api:
    axual:
      availableAuthMethods: 'SSL, SCRAM_SHA_512, SCRAM_SHA_256, OAUTH_BEARER'

Connect Reconciliation Jobs

When Connect support has been enabled, the Platform Manager uses two jobs to keep plugins and deployments in sync.

The plugins job retrieves the available plugins from an Axual Connect instance and updates the Self-Service.

The deployments job retrieves the connector status in an Axual Connect instance and compares it with the application deployment status. If they do not match, it updates the application deployment status in the Self-Service.

Using Axual CLI

Add or modify the following configuration in the Platform Manager config file to change the Quartz expressions.

platform-config/clusters/{cluster-name}/mgmt-api.sh
# Define how often the plugins job will run
MGMT_API_OPERATION_MANAGER_RECONCILIATION_PLUGINS_CRON="[YOUR_QUARTZ_CRON_EXPRESSION]"
# Define how often the deployments job will run
MGMT_API_OPERATION_MANAGER_RECONCILIATION_DEPLOYMENTS_CRON="[YOUR_QUARTZ_CRON_EXPRESSION]"

Using Axual Helm Charts

Edit the values.yaml for your management stack and add the following configuration to change the Quartz expressions.

mgmt:
  api:
    operationManager:
      reconciliation:
        connect:
          # Define how often the plugins job will run
          plugins:
            cron: [YOUR_QUARTZ_CRON_EXPRESSION]
          # Define how often the deployments job will run
          deployments:
            cron: [YOUR_QUARTZ_CRON_EXPRESSION]

Using TLS/SSL between Management API and Remote DB

To use TLS/SSL between Remote DB and Management API, follow the steps below:

  1. Set useSSL=true in platform/charts/mgmt/charts/api/values.yaml for Management API:

    mgmt:
      api:
        spring:
          datasource:
            urlSuffix:
              useSsl: true
  2. Add enabledTLSProtocols to urlSuffix as a comma-separated list, for example: enabledTLSProtocols=TLSv1.2,TLSv1.3

    mgmt:
      api:
        spring:
          datasource:
            urlSuffix:
              enabledTLSProtocols: TLSv1.2,TLSv1.3
  3. When enabling TLSv1.3 for the DB connection, make sure that TLSv1.3 is listed as a valid client and https protocol in the jvmArguments:

    mgmt:
      api:
        jvmArguments: "-Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 -Dhttps.protocols=TLSv1.2,TLSv1.3"
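
The three steps above have to agree with each other, so the following added example (not part of the Axual documentation or code base) lints a values.yaml that has already been parsed into a dict, for instance with a YAML loader. It generalizes step 3 to every protocol in enabledTLSProtocols and also flags deprecated protocol versions; the function names, the finding texts and the sample values are assumptions made for this example.

```python
import re

# Protocol versions formally deprecated (SSLv3: RFC 7568; TLS 1.0/1.1: RFC 8996).
DEPRECATED = {"SSLv3", "TLSv1", "TLSv1.1"}
JVM_PROPS = ("jdk.tls.client.protocols", "https.protocols")

def jvm_protocols(jvm_args, prop):
    """Protocols listed in -D<prop>=a,b within a JVM argument string; None if unset."""
    m = re.search(r"-D" + re.escape(prop) + r"=(\S+)", jvm_args or "")
    return set(m.group(1).split(",")) if m else None

def check_db_tls(values):
    """Lint the mgmt.api section of a parsed values.yaml (a dict); return findings."""
    api = values.get("mgmt", {}).get("api", {})
    suffix = api.get("spring", {}).get("datasource", {}).get("urlSuffix", {})
    findings = []
    if suffix.get("useSsl") is not True:
        findings.append("useSsl is not true")
    raw = str(suffix.get("enabledTLSProtocols", ""))
    enabled = {p.strip() for p in raw.split(",") if p.strip()}
    if not enabled:
        findings.append("enabledTLSProtocols is not set")
    for proto in sorted(enabled & DEPRECATED):
        findings.append(f"{proto} is deprecated; remove it from enabledTLSProtocols")
    for prop in JVM_PROPS:
        allowed = jvm_protocols(api.get("jvmArguments"), prop)
        if allowed is None:
            # Step 3: TLSv1.3 on the DB connection expects an explicit JVM list.
            if "TLSv1.3" in enabled:
                findings.append(f"-D{prop} is not set but TLSv1.3 is enabled")
            continue
        for proto in sorted(enabled - allowed - DEPRECATED):
            findings.append(f"{proto} is enabled for the DB but missing from -D{prop}")
    return findings

# Constructed samples: GOOD mirrors the three steps above, BAD omits TLSv1.3 in step 3.
def sample(jvm_args, protocols="TLSv1.2,TLSv1.3", use_ssl=True):
    suffix = {"useSsl": use_ssl, "enabledTLSProtocols": protocols}
    return {"mgmt": {"api": {"spring": {"datasource": {"urlSuffix": suffix}},
                             "jvmArguments": jvm_args}}}

GOOD = sample("-Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 -Dhttps.protocols=TLSv1.2,TLSv1.3")
BAD = sample("-Djdk.tls.client.protocols=TLSv1.2 -Dhttps.protocols=TLSv1.2")

if __name__ == "__main__":
    for name, values in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_db_tls(values) or "ok")
```

An empty result means the three settings are consistent; each finding names the setting to correct before the chart is deployed.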