Skip to main content
Version: 12.x (Current)

General Settings

This document describes the required values that you will have to configure to work properly.

info

More specific configurations, such as those for the Authentication Providers, Client-Side Database Encryption, File Storage and Email Connectivity are described in separate documents.

If you want to fine tune resources for specific services the proper documentation can be found in this page.

Runtime, Storage and Networking configurations

General configurations

NameTypeDescriptionDefaultOptional
configurations.consoleUrlstringThe URL where the console will be exposed
configurations.cmsUrlstringThe URL where the console CMS will be exposed

Docker and runtime specific configurations

NameTypeDescriptionDefaultOptional
imageCredentialspull secret credentialsAn object to generate the image pull secrets
imagePullSecretsarrayAn array of imagePullSecrets[]
defaultPodSecurityContextpod security contextOverride all the default pod security context per each workload with custom configuration{"runAsNonRoot": true, "runAsUser": 10000, "runAsGroup": 11000, "fsGroup": 12000}

Pull secret credentials

NameTypeDescriptionDefaultOptional
registrystringThe host of the registry where to pull the images, useful when you want to download images from a proxy registrynexus.mia-platform.eu

| name | string | name of the generated image pull secrets. It will be set as imagePullSecret in all the charts workload | | ✅ | | username | string | Username to login to the container registry | | ✅ | | password | string | Password to login to the container registry | | ✅ | | email | string | Email of the user of the container registry | | ✅ |

Storage connection configurations

Required

NameTypeDescriptionDefaultOptional
configurations.repositoryHostnamestringThe hostname of the docker repository where the services docker image will be uploaded
configurations.mongodbUrlstringThe connection url to a mongodb server or cluster, more info can be found here
configurations.redis.hostsarrayAn array of the hosts of a redis instance

Optional

NameTypeDescriptionDefaultOptional
configurations.redis.usernamestringThe username used for redis instance authentication
configurations.redis.passwordstringThe password used for redis instance
configurations.redis.tlsbooleantls connection to redis enabledfalse
configurations.redis.tlsCACertstringCA for the TLS configuration to connect to the redis instance. This is effective only if configurations.redis.tls set to true.

Self-Signed CA Bundles

If your Self-Hosted Console needs to interact with third party servers (e.g. MongoDB) with a self signed certificate you can provide the certification authority key material with the additionalCABundle configuration.

Service account management configuration

Mia-Platform Console allows user to create custom Service Accounts to perform m2m authentication; to be able to properly sign service account session the Console requires a few specific configuration to be set with the configurations.serviceAccountAuthProvider key.

NameTypeDescriptionDefaultOptional
rsaPrivateKeyBase64stringPrivate key material for service account token signature encoded in Base64
rsaPrivateKeyIdstringID of the private key
rsaPrivateKeyPassstringPassword for the private key
clientIdSaltstringsalt for client id
jwtExpiresInstringseconds defining the service account jwt expiration time3600

How to generate secret values

For any doubt check out the Client Credentials guide which provides useful examples.

  • rsaPrivateKeyBase64:
    • ssh-keygen -t rsa -b 4096 -m PEM -f private.key
    • digit your passphrase (it is required for rsaPrivateKeyPass)
      • to generate the password we recommend using openssl rand -hex 128
    • encode the private key in base64 (cat <PRIVATE_KEY> | base64)
  • rsaPrivateKeyId: openssl rand -hex 24
  • rsaPrivateKeyPass: the passphrase you used during private key generation
  • clientIdSalt: openssl rand -hex 256

Generated Service specific resource configuration

To fine tune resources configurations for services directly generated from Mia-Platform Console you can tune the following configurations under the configurations.defaultCoreResources key:

NameTypeDescriptionDefaultOptional
apiGatewayobjectThe default RAM request and limit for API Gateway inside projects{ memoryLimitMin: "5Mi", memoryLimitMax: "25Mi" }
crudServiceobjectThe default RAM request and limit for CRUD Service inside projects{ memoryLimitMin: "70Mi", memoryLimitMax: "250Mi" }

Examples

mia-console:
  configurations:
    ...
    defaultCoreResources:
      apiGateway:
        memoryLimitMin: "100Mi"
        memoryLimitMax: "300Mi"

Additional optional configurations

NameTypeDescriptionDefaultOptional
nameOverridestringSet up a value if you don’t want to use mia-console
fullnameOverridestringSet up a value if you want to set a fixed name for the release and not using the generated one
logLevelstringThe log level to setupinfo
configurations.multitinenantNamespacestringThe multitenant partial hostnamemultitenant.svc.cluster.local
configurations.customServicesImagePullSecretstringThe name of the imagePullSecret containing the credentials to the private docker repository (deprecated, we reccomend to use configurations.servicesImagePullSecrets)
configurations.servicesImagePullSecretsarrayThe names of imagePullSecret containing the credentials to the private docker repositories that will be used to pull the images of all services of the projects, this key take precendence over configurations.customServicesImagePullSecret. You have to specify the secrets for both your own services and the ones handled by Console (e.g. cms-backend, crud-service, ecc...).["nexus-gcloud"]
configurations.publicVariablesFolderNamestringThe name of the folder in which all public variables will be stored
configurations.deployServiceJenkinsRetryMsintegerControls Deploy Service Jenkins retries if no build is found (minimum value: 1)
configurations.configurationsCleaner.maxConfigurationsRetentionNumberintegerMax number of configurations per ref to be preserved (default 100, set to 0 to disable history cleanup)100
configurations.configurationsCleaner.schedulecrontabCleaner crontab schedule0 8 * * *

Optional Feature Toggle configurations

NameTypeDescriptionDefaultOptional
configurations.enableFastDatabooleanEnables Fast Data configuratortrue
configurations.enableDebugAreabooleanEnables debug area in Consoletrue
configurations.enableMergeConfigurationbooleanEnables Merge Configurationtrue
configurations.enableClustersAndEnvironmentsManagementbooleanEnables Clusters and Environments managementtrue
configurations.projectTemplateArchiveUrlstringNew project template url
configurations.enableRuntimeServiceClusterSelectionbooleanEnable selection from supported runtime providers during cluster setup, if you disable it you will have to manually fill all the required informationtrue
configurations.enableBackofficeConfiguratorbooleanEnable Backoffice Configuratortrue
configurations.enableFlowManagerbooleanEnable Flow Managertrue

Optional telemetry configurations

NameTypeDescriptionDefaultOptional
configurations.enablePrometheusMetricsbooleanenable prometheus to collect metrics. This is a beta feature and could have breaking changes.false
configurations.telemetry.tracing.enabledbooleanenable opentelemetry to collect tracing. This is an experimental feature and could have breaking changes.false
configurations.telemetry.tracing.addressstringopentelemetry server address. At the moment, it is only supported a zipkin server.false
configurations.telemetry.tracing.portnumberopentelemetry server port. At the moment, it is only supported a zipkin server.false