diff --git a/CHANGELOG.md b/CHANGELOG.md index e0830686..e4d37bb8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,70 +1,23 @@ # Changelog -All notable changes to Kubernetes and Helm resources for WSO2 API Management version `3.2.x` in each resource release, +All notable changes to Kubernetes and Helm resources for WSO2 API Management version `4.0.x` in each resource release, will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) -## [v3.2.0.4] - 2021-05-03 - -### Changed - -- Use MySQL, nfs-server-provisioner from WSO2 repo (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/488)) - -For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.4](https://github.com/wso2/kubernetes-apim/milestone/20). - -## [v3.2.0.3] - 2020-12-17 - -### Changed - -- Use Updates 2.0 images when subscription is enabled (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/478)) -- Change MySQL dependency to bitnami repo (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/479)) -- Use nfs-server-provisioner from kvaps (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/481)) - -## [v3.2.0.2] - 2020-09-16 - -### Changed - -- [[Simplified Setup](https://github.com/wso2/kubernetes-apim/tree/master/simple)] Reduce resource requests of the simplified kubernetes resources. (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/459)) - -### Fixed - -- [[Simplified Setup](https://github.com/wso2/kubernetes-apim/tree/master/simple)] Update auth.config URLs in analytics dashboard to support access to analytics dashboard with Docker Desktop. (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/460)) - -For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.2](https://github.com/wso2/kubernetes-apim/milestone/17) - -## [v3.2.0.1] - 2020-08-28 - -### Environments - -- Successful evaluation of API Manager Helm charts in AWS Elastic Kubernetes Service (EKS) (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/432)) -- Successful evaluation of Ceph File System (CephFS) as a Persistent Storage Solution (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/410)) +## [v4.0.0.1] - 2021-05-07 ### Added -- Introduce Kubernetes resources for a simplified setup of WSO2 API Management version `3.2.0` (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/428)) -- Introduce Helm charts for WSO2 API Management version `3.2.0` production grade deployment patterns (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/399)) -- Add options to define volume capacities for persistent storage (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/406)) -- Add JVM memory allocation user input option (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/375)) -- Add mechanism to introduce MySQL JDBC driver to the product containers since [it is not packaged in product container images](https://github.com/wso2/docker-apim/issues/321) - (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/427)) -- Add user input option to set Ingress class and annotations (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/446)) -- Test and document managing custom keystores and truststores (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/401)) - -### Changed +- Helm resources for API Manager Single Node Deployment (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/498)). +- Helm resources for API Manager Advanced deployment patterns (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/499)). +- Helm resources for MySQL (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/504)). +- Configurations for Choreo Analytics (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/500)). -- Upgrade the base MySQL Helm chart version (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/445)) -- Upgrade MySQL Docker image tag version (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/430)) +### Removed -### Fixed - -- Use Kubernetes StatefulSet resources to define API Manager Key Manager deployments (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/436)) +- Helm resources for API Manager Analytics. +- Script based K8s deployment to API Manager Simple deployment. For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.1](https://github.com/wso2/kubernetes-apim/milestone/15) - -[v3.2.0.3]: https://github.com/wso2/kubernetes-apim/compare/v3.2.0.3...v3.2.0.3 -[v3.2.0.2]: https://github.com/wso2/kubernetes-apim/compare/v3.2.0.1...v3.2.0.2 -[v3.2.0.1]: https://github.com/wso2/kubernetes-apim/compare/v3.1.0.3...v3.2.0.1 +[v4.0.0.1](https://github.com/wso2/kubernetes-apim/milestone/22) diff --git a/README.md b/README.md index cd3edc31..fde043b8 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ ### Simple -* [Simplified Setup](simple/README.md) +* [Single Node](simple/am-single/README.md) ### Advanced @@ -18,7 +18,7 @@ ## Changelog -**Change log** from previous `v3.2.0.1` release: [View Here](CHANGELOG.md) +**Change log** from previous `v3.2.0.4` release: [View Here](https://github.com/wso2/kubernetes-apim/blob/3.2.x/CHANGELOG.md) ## Reporting issues diff --git a/advanced/am-pattern-1/Chart.yaml b/advanced/am-pattern-1/Chart.yaml index 55ad51fa..d9ebb6cd 100644 --- a/advanced/am-pattern-1/Chart.yaml +++ b/advanced/am-pattern-1/Chart.yaml @@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" -description: A Helm chart for the deployment of WSO2 API Manager Pattern 1 (HA All-In-One Deployment with Analytics) +appVersion: "4.0.0" +description: A Helm chart for the deployment of WSO2 API Manager Pattern 1 (HA All-In-One Deployment) name: am-pattern-1 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index abab3c45..121045ba 100644 --- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md @@ -1,12 +1,11 @@ -# Helm Chart for deployment of WSO2 API Manager with WSO2 API Manager Analytics +# Pattern 1: Helm Chart for Standard HA Deployment of WSO2 API Manager with WSO2 Micro Integrator -Resources for building a Helm chart for deployment of [All-In-One WSO2 API Manager with WSO2 API Manager Analytics -support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-1-single-node-all-in-one-deployment). +This deployment consists of an API-M cluster with two nodes of the API-M runtime and two nodes each of the integration runtimes (Micro Integrator/Streaming Integrator). You can use this pattern if you expect to receive low traffic to your deployment. -![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/1-single-node-deployment.png) +![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-ha-deployment.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/configuring-an-active-active-deployment/). +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment). ## Contents @@ -36,7 +35,7 @@ For advanced details on the deployment pattern, please refer to the official * An already setup [Kubernetes cluster](https://kubernetes.io/docs/setup).

* Install [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/deploy/).

- + * Add the WSO2 Helm chart repository. ``` @@ -55,18 +54,18 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] #### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) - Helm version 2 - - ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace - ``` +Deploy the Kubernetes resources using the Helm Chart + +- Helm version 2 - Helm version 3 + ``` + helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` - helm install wso2/am-pattern-1 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -77,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` #### Install Chart From Source @@ -95,18 +94,18 @@ git clone https://github.com/wso2/kubernetes-apim.git ##### Deploy Helm chart for WSO2 API Manager Pattern 1 deployment. - Helm version 2 +Deploy the Kubernetes resources using the Helm Chart - ``` - helm install --dep-up --name /am-pattern-1 --version 3.2.0-1 --namespace - ``` +- Helm version 2 - Helm version 3 + ``` + helm install --dep-up --name /am-pattern-1 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` - helm install /am-pattern-1 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-1 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -117,9 +116,45 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-1 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` + +Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/latest/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/latest/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +Helm v2 + +``` +helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +Helm v3 + +``` +helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace ``` +You will be able to see the Analytics data when you log into Choreo Analytics Portal. + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. @@ -144,12 +179,19 @@ API Manager Gateway - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service -API Manager Analytics Dashboard +API Manager Websub -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Websub service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Websub service + +Micro Integrator Management APIs + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-mi-1-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP @@ -160,7 +202,7 @@ If the defined hostnames are not backed by a DNS service, for the purpose of eva hostnames and the external IP in the `/etc/hosts` file at the client-side. ``` - + ``` ### 4. Access Management Consoles @@ -169,8 +211,7 @@ hostnames and the external IP in the `/etc/hosts` file at the client-side. - API Manager DevPortal: `https:///devportal` -- API Manager Analytics Dashboard: `https:///analytics-dashboard` - +- API Manager Carbon Console: `https:///carbon` ## Configuration @@ -182,7 +223,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | - +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. ###### Chart Dependencies @@ -197,8 +240,6 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | Parameter | Description | Default Value | |---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | @@ -209,7 +250,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | | `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | | `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | @@ -224,48 +265,30 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | | `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | | `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Websub services | `websub.am.wso2.com` | +| `wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Websub | Community NGINX Ingress controller annotations | -**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). +###### Micro Integrator Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). ###### Kubernetes Specific Configurations diff --git a/advanced/am-pattern-1/auth.json b/advanced/am-pattern-1/auth.json index c06ae0ba..453e366c 100644 --- a/advanced/am-pattern-1/auth.json +++ b/advanced/am-pattern-1/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-1/requirements.yaml b/advanced/am-pattern-1/requirements.yaml index 4802ce9b..008768be 100644 --- a/advanced/am-pattern-1/requirements.yaml +++ b/advanced/am-pattern-1/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: mysql-am - version: "3.2.0-4" + version: "4.0.0-1" repository: "https://helm.wso2.com" condition: wso2.deployment.dependencies.mysql - name: nfs-server-provisioner diff --git a/advanced/am-pattern-1/templates/NOTES.txt b/advanced/am-pattern-1/templates/NOTES.txt index eb0ebba5..940feff1 100644 --- a/advanced/am-pattern-1/templates/NOTES.txt +++ b/advanced/am-pattern-1/templates/NOTES.txt @@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher and DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. @@ -22,13 +22,6 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and @@ -37,12 +30,28 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} 3. Navigate to the consoles in your browser of choice. API Manager Publisher: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/publisher API Manager DevPortal: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-mi-1-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. Add the above host as an entry in /etc/hosts file as follows: + + {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/advanced/am-pattern-1/templates/_helpers.tpl b/advanced/am-pattern-1/templates/_helpers.tpl index 7d19f297..f26bdc34 100644 --- a/advanced/am-pattern-1/templates/_helpers.tpl +++ b/advanced/am-pattern-1/templates/_helpers.tpl @@ -1,5 +1,5 @@ {{/* -Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -73,7 +73,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml deleted file mode 100644 index 9e0c30ed..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml deleted file mode 100644 index 28c302b3..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml +++ /dev/null @@ -1,445 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.dashboard.config }} - -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443 - devPortalUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index c5ea0c34..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml +++ /dev/null @@ -1,134 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9713 - protocol: "TCP" - - containerPort: 9643 - protocol: "TCP" - - containerPort: 9613 - protocol: "TCP" - - containerPort: 7713 - protocol: "TCP" - - containerPort: 9091 - protocol: "TCP" - - containerPort: 7613 - protocol: "TCP" - volumeMounts: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml deleted file mode 100644 index 5e873404..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - ports: - # ports that this service should serve on - - - name: 'analytics-dashboard' - port: 9643 - protocol: TCP - diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml deleted file mode 100644 index cea2448b..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml deleted file mode 100644 index 83b900a3..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml +++ /dev/null @@ -1,583 +0,0 @@ -# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml deleted file mode 100644 index 3b51d4de..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service - namespace: {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 - - - name: 'event-sync-port-1' - protocol: TCP - port: 9893 diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml deleted file mode 100644 index 6aacc818..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9764 - protocol: "TCP" - - containerPort: 9444 - protocol: "TCP" - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 - protocol: "TCP" - - containerPort: 9090 - protocol: "TCP" - - containerPort: 7071 - protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml index 8c24d26d..34e53dd5 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml @@ -20,18 +20,16 @@ metadata: {{ if .Values.wso2.deployment.am.config }} data: {{- range $index, $content := .Values.wso2.deployment.am.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} + {{ $index }}: |- + {{ tpl $content $ | indent 4 }} + {{- end }} - {{ else }} + {{ else }} data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}" - node_ip = "$env{NODE_IP}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -80,7 +78,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -92,6 +90,11 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true @@ -121,24 +124,17 @@ data: #[apim.cache.tags] #expiry_time = "2m" + {{ if .Values.wso2.choreoAnalytics.enabled }} [apim.analytics] enable = true - store_api_url = "https://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -186,11 +182,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] @@ -224,7 +222,7 @@ data: [[apim.throttling.url_group]] traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"] traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" + type = "failover" #[apim.workflow] #enable = false @@ -291,13 +289,8 @@ data: [transport.https.properties] proxyPort = 443 - [[apim.event_hub.publish.url_group]] - urls = ["tcp://localhost:9611"] - auth_urls = ["ssl://localhost:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"] + [transport.passthru_https.sender.parameters] + HostnameVerifier = "AllowAll" {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] @@ -309,4 +302,5 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml index a8d3d9d5..d739923d 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml +++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml @@ -51,9 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -77,7 +74,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -110,10 +107,6 @@ spec: - name: JVM_MEM_OPTS value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-synapse-configs-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} @@ -135,15 +128,9 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - - name: wso2am-synapse-configs-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - name: wso2am-conf configMap: name: {{ template "am-pattern-1.resource.prefix" . }}-am-1-conf diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml index d770f5b8..6f297367 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml @@ -20,18 +20,16 @@ metadata: {{ if .Values.wso2.deployment.am.config }} data: {{- range $index, $content := .Values.wso2.deployment.am.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} + {{ $index }}: |- + {{ tpl $content $ | indent 4 }} + {{- end }} - {{ else }} + {{ else }} data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}" - node_ip = "$env{NODE_IP}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -80,7 +78,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -92,6 +90,11 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true @@ -121,24 +124,17 @@ data: #[apim.cache.tags] #expiry_time = "2m" + {{ if .Values.wso2.choreoAnalytics.enabled }} [apim.analytics] enable = true - store_api_url = "https://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -186,11 +182,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] @@ -224,7 +222,7 @@ data: [[apim.throttling.url_group]] traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"] traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" + type = "failover" #[apim.workflow] #enable = false @@ -291,13 +289,8 @@ data: [transport.https.properties] proxyPort = 443 - [[apim.event_hub.publish.url_group]] - urls = ["tcp://localhost:9611"] - auth_urls = ["ssl://localhost:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"] + [transport.passthru_https.sender.parameters] + HostnameVerifier = "AllowAll" {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] @@ -309,4 +302,5 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml index 988bcdae..d4e75d1b 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml @@ -51,12 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-am-instance-one - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager instance one deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-1-service 9443; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager instance one has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -80,7 +74,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -113,10 +107,6 @@ spec: - name: JVM_MEM_OPTS value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-synapse-configs-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} @@ -138,15 +128,9 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - - name: wso2am-synapse-configs-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - name: wso2am-conf configMap: name: {{ template "am-pattern-1.resource.prefix" . }}-am-2-conf diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml index 17d783ea..ebc557f2 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml @@ -33,3 +33,6 @@ spec: - name: jms-tcp protocol: TCP port: 5672 + - name: servlet-https + protocol: TCP + port: 9443 diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml index 5ca1efc8..ab43090f 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml @@ -38,24 +38,6 @@ data: # check if the WSO2 product home exists test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - # Copying carbon_db if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db then @@ -80,10 +62,10 @@ data: if [[ -z "${PROFILE_NAME}" ]] then # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@" else # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@" fi {{ end }} diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml index 0a1e1633..3e083ae1 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml @@ -35,3 +35,9 @@ spec: - name: servlet-https protocol: TCP port: 9443 + - name: websub-http + protocol: TCP + port: 9021 + - name: websub-https + protocol: TCP + port: 8021 diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml index 102f6744..ec4b240a 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,34 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} --- diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml similarity index 59% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml rename to advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml index 34079adf..40e6ee4e 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-ingress + name: {{ template "am-pattern-1.resource.prefix" . }}-am-websub-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.pubDevPortalTM.ingress.annotations }} +{{- if .Values.wso2.deployment.am.ingress.websub.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.am.pubDevPortalTM.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.am.ingress.websub.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} + - {{ .Values.wso2.deployment.am.ingress.websub.hostname }} rules: - - host: {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} + - host: {{ .Values.wso2.deployment.am.ingress.websub.hostname }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-service - servicePort: 9443 + serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-service + servicePort: 8021 diff --git a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml new file mode 100644 index 00000000..e19a266c --- /dev/null +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml @@ -0,0 +1,98 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-1.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 + template: + metadata: + labels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 + spec: + initContainers: + - name: init-am + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager has started";'] + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-wso2-private-registry-creds + {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml similarity index 50% rename from advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml rename to advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml index 65e6b0e0..4c1e4ca1 100644 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,43 +11,40 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-service namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 +{{ include "am-pattern-1.labels" . | indent 4 }} spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker + type: ClusterIP ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 + - port: 8290 + targetPort: 8290 protocol: TCP - - - name: 'rest-api-port-1' + name: pass-through-http + - port: 8253 + targetPort: 8253 protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' + name: pass-through-https + - port: 9201 + targetPort: 9201 protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' + name: metrics + - port: 9164 + targetPort: 9164 protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 protocol: TCP - port: 7444 - - - name: 'event-sync-port-1' - protocol: TCP - port: 9893 + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml similarity index 60% rename from advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml rename to advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml index 2ec57f88..544fa865 100644 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml +++ b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-ingress + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-management-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} rules: - - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-service - servicePort: 9643 + serviceName: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-service + servicePort: 9164 diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml new file mode 100644 index 00000000..390f651c --- /dev/null +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml @@ -0,0 +1,30 @@ +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $username := .Values.wso2.subscription.username }} +{{- $password := .Values.wso2.subscription.password }} +{{- $email := .Values.wso2.subscription.username }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.am.dockerRegistry }} +{{- $auth := printf "%s:%s" $username $password | b64enc }} +{{- $files := .Files }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }} +{{ end }} diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml new file mode 100644 index 00000000..d844e209 --- /dev/null +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml @@ -0,0 +1,29 @@ +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $username := .Values.wso2.subscription.username }} +{{- $password := .Values.wso2.subscription.password }} +{{- $email := .Values.wso2.subscription.username }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} +{{- $auth := printf "%s:%s" $username $password | b64enc }} +{{- $files := .Files }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-wso2-private-registry-creds + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }} +{{ end }} diff --git a/advanced/am-pattern-1/values.yaml b/advanced/am-pattern-1/values.yaml index eed4cbd1..cd6608cc 100644 --- a/advanced/am-pattern-1/values.yaml +++ b/advanced/am-pattern-1/values.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,6 +20,13 @@ wso2: username: "" password: "" + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + deployment: dependencies: # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster @@ -35,14 +42,6 @@ wso2: # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) storageClass: &storage_class "nfs" - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - # Persistent runtime artifacts for Apache Solr-based indexing apacheSolrIndexing: # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled @@ -60,7 +59,7 @@ wso2: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value # dockerRegistry: "" imageName: "wso2am" - imageTag: "3.2.0" + imageTag: "4.0.0" # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always @@ -98,11 +97,11 @@ wso2: # Maximum Heap size xmx: "1024m" - # If the deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) -# config: "" -# deployment.toml: |- -# # deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # config: "" + # deployment.toml: |- + # # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) # Configure Ingresses ingress: @@ -123,129 +122,67 @@ wso2: annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - - # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) - - # Configure Ingress - ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager WebSub service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - worker: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. + # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator + resources: + requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" kubernetes: # Name of Kubernetes service account diff --git a/advanced/am-pattern-2/Chart.yaml b/advanced/am-pattern-2/Chart.yaml index 58d64d27..4f3c399d 100644 --- a/advanced/am-pattern-2/Chart.yaml +++ b/advanced/am-pattern-2/Chart.yaml @@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" +appVersion: "4.0.0" description: A Helm chart for the deployment of WSO2 API Management deployment pattern 2 name: am-pattern-2 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 36264b82..6d11fa47 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md @@ -1,12 +1,11 @@ -# Helm Chart for deployment of WSO2 API Manager with a separate Gateway and separate Key Manager along with WSO2 API Manager Analytics +# Pattern 2: Helm Chart for Standard HA Deployment of WSO2 API Manager with Multitenancy along with WSO2 Micro Integrator -Resources for building a Helm chart for deployment of [WSO2 API Manager with a separate Gateway and separate Key Manager along with -WSO2 API Manager Analytics](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-2-deployment-with-a-separate-gateway-and-separate-key-manager). +This deployment consists of two API-M nodes and two nodes each of the integration runtimes (Micro Integrator/Streaming Integrator) per tenant. You can use this pattern when traffic from different tenants in the API-M cluster needs to be handled in isolation. This deployment also allows you to direct the traffic of each tenant to a separate integration cluster. -![WSO2 API Manager pattern 2 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/2-separate-gateway-and-key-manager.png) +![WSO2 API Manager pattern 2 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-ha-with-multitenancy.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup/). +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment-with-multitenancy). ## Contents @@ -50,23 +49,23 @@ For advanced details on the deployment pattern, please refer to the official You can install the relevant Helm chart either from [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) or by source. **Note:** - +* This Helm chart has been implemented by extending the `advance/am-pattern-1` Helm resource. * `NAMESPACE` should be the Kubernetes Namespace in which the resources are deployed. #### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) - Helm version 2 +Deploy the Kubernetes resources using the Helm Chart - ``` - helm install --name wso2/am-pattern-2 --version 3.2.0-1 --namespace - ``` +- Helm version 2 - Helm version 3 + ``` + helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` - helm install wso2/am-pattern-2 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -76,8 +75,23 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. +- To provide WSO2 Subscription credentials for WSO2 API Manager and WSO2 Micro Integrator as in pattern 1 + ``` + --set am-pattern-1.wso2.subscription.username=$SUBSCRIPTION_USERNAME --set am-pattern-1.wso2.subscription.password=$SUBSCRIPTION_PASSWORD + ``` + +- To provide WSO2 Subscription credentials for additional WSO2 Micro Integrator deployment for the new tenant + ``` + --set wso2.subscription.username=$SUBSCRIPTION_USERNAME --set wso2.subscription.password=$SUBSCRIPTION_PASSWORD + ``` + +Below example is to provide WSO2 Subscription credentials for all WSO2 API Manager and WSO2 Micro Integrator tenant 1 and tenant 2 deployments + ``` - helm install --name wso2/am-pattern-2 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +export SUBSCRIPTION_USERNAME= +export SUBSCRIPTION_PASSWORD= + +helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.subscription.username=$SUBSCRIPTION_USERNAME --set wso2.subscription.password=$SUBSCRIPTION_PASSWORD --set am-pattern-1.wso2.subscription.username=$SUBSCRIPTION_USERNAME --set am-pattern-1.wso2.subscription.password=$SUBSCRIPTION_PASSWORD ``` #### Install Chart From Source @@ -95,18 +109,18 @@ git clone https://github.com/wso2/kubernetes-apim.git ##### Deploy Helm chart for WSO2 API Manager Pattern 2 deployment. - Helm version 2 - - ``` - helm install --dep-up --name /am-pattern-2 --version 3.2.0-1 --namespace - ``` +Deploy the Kubernetes resources using the Helm Chart + +- Helm version 2 - Helm version 3 + ``` + helm install --dep-up --name /am-pattern-2 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` - helm install /am-pattern-2 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-2 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -117,39 +131,89 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-2 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-2 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` + +Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/4.0.0/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/4.0.0/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/4.0.0/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +Helm v2 + +``` +helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +Helm v3 + +``` +helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace ``` +You will be able to see the Analytics data when you log into Choreo Analytics Portal. + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. - + ``` kubectl get ing -n ``` - + The output under the relevant column stands for the following. API Manager Publisher-DevPortal -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-ingress`) -- HOSTS: Hostname of the WSO2 API Manager service (``) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-ingress`) +- HOSTS: Hostname of the WSO2 API Manager service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager service API Manager Gateway -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-gateway-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-gateway-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service -API Manager Analytics Dashboard +API Manager Websub -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Websub service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Websub service + +Micro Integrator Management APIs of Tenant 1 + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-mi-1-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service + +Micro Integrator Management APIs of Tenant 2 + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-mi-2-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP @@ -160,138 +224,130 @@ If the defined hostnames are not backed by a DNS service, for the purpose of eva hostnames and the external IP in the `/etc/hosts` file at the client-side. ``` - + ``` ### 4. Access Management Consoles -- API Manager Publisher: `https:///publisher` +- API Manager Publisher: `https:///publisher` -- API Manager DevPortal: `https:///devportal` +- API Manager DevPortal: `https:///devportal` -- API Manager Analytics Dashboard: `https:///analytics-dashboard` +- API Manager Carbon Console: `https:///carbon` ## Configuration The following tables lists the configurable parameters of the chart and their default values. -###### WSO2 Subscription Configurations +### WSO2 Subscription Configurations for WSO2 API Manager and Micro Integrator Tenant 1 Deployment + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `am-pattern-1.wso2.subscription.username` | Your WSO2 Subscription username | - | +| `am-pattern-1.wso2.subscription.password` | Your WSO2 Subscription password | - | +| `am-pattern-1.wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `am-pattern-1.wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `am-pattern-1.wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | + + +### WSO2 Subscription Configurations for Micro Integrator Tenant 2 Deployment | Parameter | Description | Default Value | |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | -If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. +If you do not have an active WSO2 subscription, **do not change** the parameters `am-pattern-1.wso2.subscription.username` and `am-pattern-1.wso2.subscription.password`. -###### Chart Dependencies +#### Chart Dependencies | Parameter | Description | Default Value | |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.dependencies.mysql` | Enable the deployment and usage of WSO2 API Management MySQL based Helm Chart | true | -| `wso2.deployment.dependencies.nfsProvisioner` | Enable the deployment and usage of NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) | true | +| `am-pattern-1.wso2.deployment.dependencies.mysql` | Enable the deployment and usage of WSO2 API Management MySQL based Helm Chart | true | +| `am-pattern-1.wso2.deployment.dependencies.nfsProvisioner` | Enable the deployment and usage of NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) | true | -###### Persistent Runtime Artifact Configurations +#### Persistent Runtime Artifact Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | -| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | -| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | -| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | +| `am-pattern-1.wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | +| `am-pattern-1.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | +| `am-pattern-1.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | +| `am-pattern-1.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | -###### API Manager Server Configurations +#### API Manager Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `am-pattern-1.wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | +| `am-pattern-1.wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | +| `am-pattern-1.wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `am-pattern-1.wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `am-pattern-1.wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | +| `am-pattern-1.wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | +| `am-pattern-1.wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 180 | +| `am-pattern-1.wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | +| `am-pattern-1.wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 2Gi | +| `am-pattern-1.wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `am-pattern-1.wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 3Gi | +| `am-pattern-1.wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 3000m | +| `am-pattern-1.wso2.deployment.am.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `am-pattern-1.wso2.deployment.am.ingress.management.hostname` | Hostname for API Manager Admin Portal, Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | +| `am-pattern-1.wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | +| `am-pattern-1.wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | +| `am-pattern-1.wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `am-pattern-1.wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Websub services | `websub.am.wso2.com` | +| `am-pattern-1.wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Websub | Community NGINX Ingress controller annotations | + +#### Micro Integrator Server Configurations for Tenant 1 | Parameter | Description | Default Value | |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | -| `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | -| `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 1Gi | -| `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 1000m | -| `wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 2Gi | -| `wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 2000m | -| `wso2.deployment.am.gateway.ingress.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | -| `wso2.deployment.am.gateway.ingress.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.gateway.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Gateway | 60 | -| `wso2.deployment.am.gateway.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Gateway | 10 | -| `wso2.deployment.am.gateway.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Gateway | 60 | -| `wso2.deployment.am.gateway.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Gateway | 10 | -| `wso2.deployment.am.gateway.replicas` | Number of replicas of API Manager Gateway to be started | 2 | -| `wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| `wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.gateway.config` | Custom deployment configuration file for Gateway profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.km.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Key Manager | 60 | -| `wso2.deployment.am.km.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Key Manager | 10 | -| `wso2.deployment.am.km.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Key Manager | 60 | -| `wso2.deployment.am.km.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Key Manager | 10 | -| `wso2.deployment.am.km.replicas` | Number of replicas of API Manager Key Manager to be started | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.km.config` | Custom deployment configuration file for Key Manager profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.pubDevPortalTM.ingress.hostname` | Hostname for API Manager Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | -| `wso2.deployment.am.pubDevPortalTM.ingress.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | -| `wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | -| `wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 180 | -| `wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | -| `wso2.deployment.am.pubDevPortalTM.resources.requests.memory` | The minimum amount of memory that should be allocated for API Manager All-In-One | 2Gi | -| `wso2.deployment.am.pubDevPortalTM.resources.requests.cpu` | The minimum amount of CPU that should be allocated for API Manager All-In-One | 2000m | -| `wso2.deployment.am.pubDevPortalTM.resources.limits.memory` | The maximum amount of memory that should be allocated for API Manager All-In-One | 3Gi | -| `wso2.deployment.am.pubDevPortalTM.resources.limits.cpu` | The maximum amount of CPU that should be allocated for API Manager All-In-One | 3000m | -| `wso2.deployment.am.pubDevPortalTM.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | - -**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). - -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | - -###### Kubernetes Specific Configurations +| `am-pattern-1.wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `am-pattern-1.wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `am-pattern-1.wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `am-pattern-1.wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `am-pattern-1.wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `am-pattern-1.wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `am-pattern-1.wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `am-pattern-1.wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `am-pattern-1.wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `am-pattern-1.wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `am-pattern-1.wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `am-pattern-1.wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `am-pattern-1.wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `am-pattern-1.wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `am-pattern-1.wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + +#### Micro Integrator Server Configurations for Tenant 2 + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/install/installation-prerequisites/). + +#### Kubernetes Specific Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| -| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-pattern-2-svc-account` | +| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-pattern-1-svc-account` | ## Runtime Artifact Persistence and Sharing @@ -300,7 +356,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters * By default, this deployment uses the `nfs` Kubernetes StorageClass created using the official, stable [NFS Server Provisioner](https://hub.helm.sh/charts/stable/nfs-server-provisioner). * Only persistent storage solutions supporting `ReadWriteMany` [access mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) - are applicable for `wso2.deployment.persistentRuntimeArtifacts.storageClass`. + are applicable for `am-pattern-1.wso2.deployment.persistentRuntimeArtifacts.storageClass`. * Please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/store/Persisting_And_Sharing.md#recommended-storage-options-for-wso2-products) for advanced details with regards to WSO2 recommended, storage options. @@ -311,7 +367,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters * For advanced details with regards to managing custom Java keystores and truststores in a container based WSO2 product deployment please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/deploy/Managing_Keystores_And_Truststores.md). - + ## Configuring SSL in Service Exposure * For WSO2 recommended best practices in configuring SSL when exposing the internal product services to outside of the Kubernetes cluster, diff --git a/advanced/am-pattern-2/auth.json b/advanced/am-pattern-2/auth.json index 88619f76..97387c87 100644 --- a/advanced/am-pattern-2/auth.json +++ b/advanced/am-pattern-2/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-2/requirements.yaml b/advanced/am-pattern-2/requirements.yaml index 7cbd9c07..f53f5fcb 100644 --- a/advanced/am-pattern-2/requirements.yaml +++ b/advanced/am-pattern-2/requirements.yaml @@ -13,11 +13,6 @@ # limitations under the License. dependencies: - - name: mysql-am - version: "3.2.0-4" + - name: am-pattern-1 + version: "4.0.0-1" repository: "https://helm.wso2.com" - condition: wso2.deployment.dependencies.mysql - - name: nfs-server-provisioner - version: "1.1.0" - repository: "https://helm.wso2.com" - condition: wso2.deployment.dependencies.nfsServerProvisioner diff --git a/advanced/am-pattern-2/templates/NOTES.txt b/advanced/am-pattern-2/templates/NOTES.txt index b2faa965..3ed9cd07 100644 --- a/advanced/am-pattern-2/templates/NOTES.txt +++ b/advanced/am-pattern-2/templates/NOTES.txt @@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher and DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. @@ -10,25 +10,18 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an API Manager Publisher-DevPortal - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-am-ingress) - - HOSTS: Hostname of the WSO2 API Manager service ({{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}) + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-ingress) + - HOSTS: Hostname of the WSO2 API Manager service ({{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager service API Manager Gateway - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-ingress) - - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ .Values.wso2.deployment.am.gateway.ingress.hostname }}) + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-gateway-ingress) + - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "gateway" "hostname" }}) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and @@ -37,12 +30,35 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }} {{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "gateway" "hostname" }} 3. Navigate to the consoles in your browser of choice. - API Manager Publisher: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/publisher - API Manager DevPortal: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + API Manager Publisher: https://{{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}/publisher + API Manager DevPortal: https://{{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}/devportal + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Instance 1 Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-mi-1-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ index .Values "am-pattern-1" "wso2" "deployment" "mi" "ingress" "management" "hostname" }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + + Micro Integrator Instance 2 Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-mi-2-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. Add the above host as an entry in /etc/hosts file as follows: + + {{ index .Values "am-pattern-1" "wso2" "deployment" "mi" "ingress" "management" "hostname" }} {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/advanced/am-pattern-2/templates/_helpers.tpl b/advanced/am-pattern-2/templates/_helpers.tpl index b801d4ea..962fe5eb 100644 --- a/advanced/am-pattern-2/templates/_helpers.tpl +++ b/advanced/am-pattern-2/templates/_helpers.tpl @@ -1,5 +1,5 @@ {{/* -Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -64,6 +64,13 @@ Common prefix prepended to Kubernetes resources of this chart {{- "wso2am-pattern-2" }} {{- end -}} +{{/* +Common prefix prepended to Kubernetes resources of this chart +*/}} +{{- define "am-pattern-1.resource.prefix" -}} +{{- "wso2am-pattern-2" }} +{{- end -}} + {{- define "image" }} {{- $imageName := .deployment.imageName }} {{- $imageTag := .deployment.imageTag | default "" }} @@ -73,7 +80,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml deleted file mode 100644 index 9355acca..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml deleted file mode 100644 index 6ac48d8f..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml +++ /dev/null @@ -1,444 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.analytics.dashboard.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443 - devPortalUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{- end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index bd114b4d..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-am - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager service has started";'] - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 8 }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9643 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml deleted file mode 100644 index 52caf88c..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard - ports: - # ports that this service should serve on - - name: 'analytics-dashboard' - port: 9643 - protocol: TCP diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml deleted file mode 100644 index 7db6b747..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml deleted file mode 100644 index 47af4bc2..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml +++ /dev/null @@ -1,583 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{- end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml deleted file mode 100644 index 25bbf785..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift' - port: 7612 - protocol: TCP - - name: 'thrift-ssl' - port: 7712 - protocol: TCP diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml deleted file mode 100644 index 0f9bc1b1..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - name: 'rest-api-port-1' - protocol: TCP - port: 7444 diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml deleted file mode 100644 index 12e66bea..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml +++ /dev/null @@ -1,129 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 - protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml deleted file mode 100644 index 717c419f..00000000 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml +++ /dev/null @@ -1,149 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.gateway.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.gateway.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role = "gateway-worker" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.shared_db] - type = "h2" - url = "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE" - username = "wso2carbon" - password = "wso2carbon" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - # JWT Generation - [apim.jwt] - enable = true - encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - claim_dialect = "http://wso2.org/claims" - header = "X-JWT-Assertion" - signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever" - - # Traffic Manager configurations - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - enable_unlimited_tier = true - enable_header_based_throttling = false - enable_jwt_claim_based_throttling = false - enable_query_param_based_throttling = false - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" - - [apim.analytics] - enable = "true" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - # Caches - [apim.cache.gateway_token] - enable = true - expiry_time = 15 - - [apim.cache.resource] - enable = true - - [apim.cache.jwt_claim] - enable = true - expiry_time = 900 - - [apim.oauth_config] - remove_outbound_auth_header = true - auth_header = "Authorization" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction"] - allow_credentials = false - - [transport.https.properties] - proxyPort = 443 - - [transport.passthru_https.sender.parameters] - HostnameVerifier = "AllowAll" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - {{- end }} diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml deleted file mode 100644 index a206a02d..00000000 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.am.gateway.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - spec: - initContainers: - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - - name: init-apim-1 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager instance one deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-1-service 9611; do sleep 1; printf "-"; done; echo -e " >> API Manager instance one has started";'] - - name: init-apim-2 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager instance two deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-2-service 9611; do sleep 1; printf "-"; done; echo -e " >> API Manager instance two has started";'] - containers: - - name: wso2am-gateway -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 8 }} - env: - - name: PROFILE_NAME - value: gateway-worker - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 8243 - initialDelaySeconds: {{ .Values.wso2.deployment.am.gateway.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.gateway.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 8243 - initialDelaySeconds: {{ .Values.wso2.deployment.am.gateway.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.gateway.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 8280 - protocol: TCP - - containerPort: 8243 - protocol: TCP - - containerPort: 9763 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-gateway-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - - name: wso2am-gateway-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-gateway-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - - name: wso2am-gateway-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-conf diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml deleted file mode 100644 index 4b39c96e..00000000 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - - - name: pass-through-https - protocol: TCP - port: 8243 - - - name: servlet-http - protocol: TCP - port: 9763 - - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml deleted file mode 100644 index 4bdec299..00000000 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml b/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml deleted file mode 100644 index 4f13e8cf..00000000 --- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.km.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.km.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ template "am-pattern-2.resource.prefix" . }}-km" - node_ip = "$env{NODE_IP}" - server_role = "api-key-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - {{- end }} diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml b/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml deleted file mode 100644 index 9f6bb26c..00000000 --- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-statefulset - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-km - replicas: {{ .Values.wso2.deployment.am.km.replicas }} - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-km-service - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/km/wso2am-pattern-2-am-km-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-km - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - containers: - - name: wso2am-km -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: api-key-manager - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.km.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.km.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.km.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.km.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9763 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-km-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-km-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-conf - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml deleted file mode 100644 index 624c1c8e..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - ports: - # ports that this service should serve on - - name: servlet-http - protocol: TCP - port: 9763 - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml deleted file mode 100644 index bf4a05b8..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - {{ end }} diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml new file mode 100644 index 00000000..e3c18adf --- /dev/null +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml @@ -0,0 +1,98 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-2.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 + template: + metadata: + labels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 + spec: + initContainers: + - name: init-am + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager has started";'] + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-wso2-private-registry-creds + {{ end }} diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml new file mode 100644 index 00000000..cad50efd --- /dev/null +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml @@ -0,0 +1,50 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-service + namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 +{{ include "am-pattern-2.labels" . | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8290 + targetPort: 8290 + protocol: TCP + name: pass-through-http + - port: 8253 + targetPort: 8253 + protocol: TCP + name: pass-through-https + - port: 9201 + targetPort: 9201 + protocol: TCP + name: metrics + - port: 9164 + targetPort: 9164 + protocol: TCP + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 + protocol: TCP + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml b/advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml similarity index 54% rename from advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml rename to advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml index 4cfe2bc4..76ddefec 100644 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml +++ b/advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-ingress + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-management-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.devportal.ingress.annotations }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.am.devportal.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} rules: - - host: {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} http: paths: - - path: / - backend: - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service - servicePort: 9443 + - path: / + backend: + serviceName: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-service + servicePort: 9164 diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml index 1872c2df..0041fb41 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml +++ b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -16,13 +16,13 @@ {{- $username := .Values.wso2.subscription.username }} {{- $password := .Values.wso2.subscription.password }} {{- $email := .Values.wso2.subscription.username }} -{{- $regId := default "docker.wso2.com" .Values.wso2.dockerRegistry }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} {{- $auth := printf "%s:%s" $username $password | b64enc }} {{- $files := .Files }} apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index 5f89ebb0..e13edd4a 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,168 +21,132 @@ wso2: password: "" deployment: - dependencies: - # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster - mysql: true - # Enable NFS dynamic provisioner for Kubernetes - nfsServerProvisioner: true - - # Persisted and shared runtime artifacts for API Manager - # See official documentation (from https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) - persistentRuntimeArtifacts: - # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes - # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) - # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) - storageClass: &storage_class "nfs" - - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - - # Persistent runtime artifacts for Apache Solr-based indexing - apacheSolrIndexing: - # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled - # By default, this is disabled - enabled: false - # Define capacities for persistent runtime artifact directories - capacity: - # For persisting the H2 based local Carbon database file - carbonDatabase: 50M - # For persisting the indexed data - solrIndexedData: 50M - - am: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. # dockerRegistry: "" - imageName: "wso2am" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator resources: - # These are the resource recommendations for running WSO2 API Management product profiles with profile optimization - # Resource configurations defined here are applicable for Gateway and Key Manager profile deployments, which use profile optimization requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod cpu: "1000m" - limits: - memory: "2Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "512m" - # Maximum Heap size - xmx: "512m" - - # API Manager's Gateway specific configurations - gateway: - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - # Number of deployment replicas - replicas: 2 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods - maxSurge: 2 - # The maximum number of pods that can be unavailable during the update - maxUnavailable: 0 - - # If the deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> gateway -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false - # Configure Ingress - ingress: - # Hostname for Gateway profile - hostname: "gateway.am.wso2.com" - # Annotations for the API Manager Gateway service Ingress + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "tenant2.management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - # API Manager's Key Manager specific configurations - km: - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - # Number of deployment replicas - replicas: 2 - - # If the deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> km -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) +kubernetes: + # Name of Kubernetes service account + serviceAccount: &service_account "wso2am-pattern-2-svc-account" + +am-pattern-1: + wso2: + # WSO2 Subscription parameters (https://wso2.com/subscription/) + # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) + # for this deployment + subscription: + username: "" + password: "" + + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + + deployment: + dependencies: + # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster + mysql: true + # Enable NFS dynamic provisioner for Kubernetes + nfsServerProvisioner: true + + # Persisted and shared runtime artifacts for API Manager + # See official documentation (from https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) + persistentRuntimeArtifacts: + # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes + # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) + storageClass: &storage_class "nfs" + + # Persistent runtime artifacts for Apache Solr-based indexing + apacheSolrIndexing: + # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled + # By default, this is disabled + enabled: false + # Define capacities for persistent runtime artifact directories + capacity: + # For persisting the H2 based local Carbon database file + carbonDatabase: 50M + # For persisting the indexed data + solrIndexedData: 50M + + am: + # Container image configurations + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + # dockerRegistry: "" + imageName: "wso2am" + imageTag: "4.0.0" + # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) + imagePullPolicy: Always - pubDevPortalTM: # Indicates whether the container is running livenessProbe: # Number of seconds after the container has started before liveness probes are initiated initialDelaySeconds: 180 # How often (in seconds) to perform the probe periodSeconds: 10 - # Indicates whether the container is ready to service requests + # Indicates whether the container is ready to service requests readinessProbe: # Number of seconds after the container has started before readiness probes are initiated initialDelaySeconds: 180 # How often (in seconds) to perform the probe periodSeconds: 10 - # If the deployment configurations for the Publisher-Store-TM of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> pubDevPortalTM -> instanceTwo -> config -> deployment.toml) -# config: "" -# deployment.toml: |- -# # deployment configurations for All-In-One WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # Configure Ingress - ingress: - # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal - hostname: "am.wso2.com" - # Annotations for the API Manager Publisher-DevPortal services Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - resources: - # These are the resource recommendations for running WSO2 API Management All-In-One deployment + # These are the minimum resource recommendations for running WSO2 API Management product profiles # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) requests: memory: "2Gi" @@ -202,138 +166,99 @@ wso2: # Maximum Heap size xmx: "1024m" - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), + # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) + # config: "" + # deployment.toml: |- + # # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) + # Configure Ingresses + ingress: + management: + # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal + hostname: "am.wso2.com" + # Annotations for the API Manager Publisher-DevPortal services Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/session-cookie-name: "route" + nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" + gateway: + # Hostname for Gateway profile + hostname: "gateway.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager WebSub service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. + # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations + replicas: 2 strategy: rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods + # The maximum number of pods that can be scheduled above the desired number of pods. maxSurge: 1 - # The maximum number of pods that can be unavailable during the update + # The maximum number of pods that can be unavailable during the update. maxUnavailable: 0 - - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) - - resources: - # These are the resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - - # Configure Ingress - ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - - worker: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. - # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - # Indicates whether the container is running. livenessProbe: # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 20 + initialDelaySeconds: 35 # How often (in seconds) to perform the probe. periodSeconds: 10 # Indicates whether the container is ready to service requests. readinessProbe: # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 + initialDelaySeconds: 35 # How often (in seconds) to perform the probe. periodSeconds: 10 - - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) - + # These are the minimum resource recommendations for running WSO2 Micro Integrator resources: - # These are the resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - -kubernetes: - # Name of Kubernetes service account - serviceAccount: "wso2am-pattern-2-svc-account" - -# Override sub chart parameters -mysql-am: - mysql: - persistence: - storageClass: *storage_class + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false + + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "tenant1.management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + kubernetes: + # Name of Kubernetes service account + serviceAccount: *service_account + + # Override sub chart parameters + mysql-am: + mysql: + persistence: + storageClass: *storage_class diff --git a/advanced/am-pattern-3/Chart.yaml b/advanced/am-pattern-3/Chart.yaml index 79aeae2b..716c07ed 100644 --- a/advanced/am-pattern-3/Chart.yaml +++ b/advanced/am-pattern-3/Chart.yaml @@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" +appVersion: "4.0.0" description: A Helm chart for the deployment of WSO2 API Management deployment pattern 3 name: am-pattern-3 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-3/README.md b/advanced/am-pattern-3/README.md index 0bc4cbd6..999eadad 100644 --- a/advanced/am-pattern-3/README.md +++ b/advanced/am-pattern-3/README.md @@ -1,12 +1,11 @@ -# Helm Chart for deployment of a Fully Distributed Setup of WSO2 API Manager with WSO2 API Manager Analytics +# Pattern 3: Helm Chart for deployment of a Simple Scalable Deployment of WSO2 API Manager -Resources for building a Helm chart for deployment of a [fully distributed setup of WSO2 API Manager with WSO2 API Manager Analytics -support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-3-fully-distributed-setup). +Resources for building a Helm chart for deployment of a [simple scalable deployment of WSO2 API Manager](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#simple-scalable-deployment). -![WSO2 API Manager pattern 3 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/3-fully-distributed-setup.png) +![WSO2 API Manager pattern 3 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-scalable-deployment.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup/). +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup/). ## Contents @@ -58,7 +57,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] Helm version 2 ``` - helm install --name wso2/am-pattern-3 --version 3.2.0-1 --namespace + helm install --name wso2/am-pattern-3 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -66,7 +65,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] - Deploy the Kubernetes resources using the Helm Chart ``` - helm install wso2/am-pattern-3 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -77,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-3 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` #### Install Chart From Source @@ -98,7 +97,7 @@ git clone https://github.com/wso2/kubernetes-apim.git Helm version 2 ``` - helm install --dep-up --name /am-pattern-3 --version 3.2.0-1 --namespace + helm install --dep-up --name /am-pattern-3 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -106,7 +105,7 @@ git clone https://github.com/wso2/kubernetes-apim.git - Deploy the Kubernetes resources using the Helm Chart ``` - helm install /am-pattern-3 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-3 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -117,9 +116,45 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-3 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-3 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` +Or else, you can configure the default configurations inside the am-pattern-3 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-3/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/4.0.0/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/4.0.0/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/4.0.0/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +Helm v2 + +``` +helm install --name wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +Helm v3 + +``` +helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. @@ -130,33 +165,33 @@ kubectl get ing -n The output under the relevant column stands for the following. -API Manager Publisher - -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-publisher-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's Publisher service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Publisher service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager's Publisher service +API Manager Control Plane -API Manager DevPortal - -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-devportal-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's DevPortal service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's DevPortal service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager service +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-cp-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Control Plane service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Control Plane service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager's Control Plane service API Manager Gateway - NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-gateway-ingress`) - HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager's DevPortal service +- PORTS: Externally exposed service ports of the API Manager's Gateway service + +API Manager Websub -API Manager Analytics Dashboard +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to wso2am-pattern-3-am-websub-ingress) +- HOSTS: Hostname of the WSO2 API Manager's Websub service (``) +- ADDRESS: External IP (EXTERNAL-IP) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager's Websub service -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +Micro Integrator Management APIs + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to wso2am-pattern-3-mi-1-management-ingress) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (EXTERNAL-IP) exposing the Micro Integrator service to outside of the Kubernetes environment +PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP @@ -166,18 +201,11 @@ the external IP (`EXTERNAL-IP`) in the relevant DNS service. If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. -``` - -``` - ### 4. Access Management Consoles -- API Manager Publisher: `https:///publisher` - -- API Manager DevPortal: `https:///devportal` - -- API Manager Analytics Dashboard: `https:///analytics-dashboard` +- API Manager Publisher: `https:///publisher` +- API Manager DevPortal: `https:///devportal` ## Configuration @@ -189,6 +217,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. @@ -216,7 +247,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | | `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 1Gi | | `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 1000m | @@ -226,65 +257,49 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager optimized profile | 10 | | `wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager optimized profile | 60 | | `wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager optimized profile | 10 | +| `wso2.deployment.am.websub.ingress.hostname` | Hostname for API Manager WebSub service | `websub.am.wso2.com` | +| `wso2.deployment.am.websub.ingress.annotations` | Ingress resource annotations for API Manager WebSub | Community NGINX Ingress controller annotations | | `wso2.deployment.am.gateway.ingress.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | | `wso2.deployment.am.gateway.ingress.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | | `wso2.deployment.am.gateway.replicas` | Number of replicas of API Manager Gateway to be started | 2 | | `wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | | `wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | | `wso2.deployment.am.gateway.config` | Custom deployment configuration file for Gateway profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.km.replicas` | Number of replicas of API Manager Key Manager to be started | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.km.config` | Custom deployment configuration file for Key Manager profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.publisher.ingress.hostname` | Hostname for API Manager Publisher | `publisher.am.wso2.com` | -| `wso2.deployment.am.publisher.ingress.annotations` | Ingress resource annotations for API Manager Publisher | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.publisher.config` | Custom deployment configuration file for Publisher profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.devportal.ingress.hostname` | Hostname for API Manager DevPortal | `devportal.am.wso2.com` | -| `wso2.deployment.am.devportal.ingress.annotations` | Ingress resource annotations for API Manager DevPortal | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.devportal.config` | Custom deployment configuration file for DevPortal profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.tm.config` | Custom deployment configuration file for Traffic Manager profile (`/repository/conf/deployment.toml`) | - | - -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | - -###### Kubernetes Specific Configurations +| `wso2.deployment.am.cp.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Control Plane profile | 60 | +| `wso2.deployment.am.cp.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Control Plane profile | 10 | +| `wso2.deployment.am.cp.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Control Plane profile | 60 | +| `wso2.deployment.am.cp.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Control Plane profile | 10 | +| `wso2.deployment.am.cp.ingress.hostname` | Hostname for API Manager Control Plane | `am.wso2.com` | +| `wso2.deployment.am.cp.ingress.annotations` | Ingress resource annotations for API Manager Control Plane | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.cp.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager API Manager Control Plane | 1Gi | +| `wso2.deployment.am.cp.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API ManagerAPI Manager Control Plane | 1000m | +| `wso2.deployment.am.cp.resources.limits.memory` | The maximum amount of memory that should be allocated for running API Manager API Manager Control Plane | 2Gi | +| `wso2.deployment.am.cp.resources.limits.cpu` | The maximum amount of CPU that should be allocated for running API Manager API Manager Control Plane | 2000m | +| `wso2.deployment.am.cp.config` | Custom deployment configuration file for Control Plane profile (`/repository/conf/deployment.toml`) | - | + +###### Micro Integrator Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/install/installation-prerequisites/). + +## Kubernetes Specific Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| diff --git a/advanced/am-pattern-3/auth.json b/advanced/am-pattern-3/auth.json index 88619f76..97387c87 100644 --- a/advanced/am-pattern-3/auth.json +++ b/advanced/am-pattern-3/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-3/requirements.yaml b/advanced/am-pattern-3/requirements.yaml index 7cbd9c07..687ffdad 100644 --- a/advanced/am-pattern-3/requirements.yaml +++ b/advanced/am-pattern-3/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: mysql-am - version: "3.2.0-4" + version: "4.0.0-1" repository: "https://helm.wso2.com" condition: wso2.deployment.dependencies.mysql - name: nfs-server-provisioner diff --git a/advanced/am-pattern-3/templates/NOTES.txt b/advanced/am-pattern-3/templates/NOTES.txt index ecad5daa..dd124a5f 100644 --- a/advanced/am-pattern-3/templates/NOTES.txt +++ b/advanced/am-pattern-3/templates/NOTES.txt @@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher, DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. @@ -8,19 +8,12 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an The output under the relevant column stands for the following. - API Manager Publisher + API Manager Control Plane - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-ingress) - - HOSTS: Hostname of the WSO2 API Manager's Publisher service ({{ .Values.wso2.deployment.am.publisher.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Publisher service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager's Publisher service - - API Manager DevPortal - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-ingress) - - HOSTS: Hostname of the WSO2 API Manager's DevPortal service ({{ .Values.wso2.deployment.am.devportal.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's DevPortal service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager service + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-cp-ingress) + - HOSTS: Hostname of the WSO2 API Manager's Control Plane service ({{ .Values.wso2.deployment.am.cp.ingress.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Control PLane service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the API Manager's Control Plane service API Manager Gateway @@ -29,13 +22,6 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager's DevPortal service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and @@ -44,12 +30,28 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.publisher.ingress.hostname }} {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ .Values.wso2.deployment.am.cp.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} 3. Navigate to the consoles in your browser of choice. - API Manager Publisher: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/publisher - API Manager DevPortal: https://{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + API Manager Publisher: https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/publisher + API Manager DevPortal: https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-mi-1-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. Add the above host as an entry in /etc/hosts file as follows: + + {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/advanced/am-pattern-3/templates/_helpers.tpl b/advanced/am-pattern-3/templates/_helpers.tpl index a0c6813e..59870ce6 100644 --- a/advanced/am-pattern-3/templates/_helpers.tpl +++ b/advanced/am-pattern-3/templates/_helpers.tpl @@ -73,7 +73,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml deleted file mode 100644 index 238f2fb8..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml deleted file mode 100644 index ea028036..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml +++ /dev/null @@ -1,444 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.analytics.dashboard.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service:9443 - devPortalUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{- end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index 314abdca..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml +++ /dev/null @@ -1,126 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-am-publisher - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager Publisher deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager Publisher service has started";'] - - name: init-am-devportal - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager DevPortal deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager DevPortal service has started";'] - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 8 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9643 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml deleted file mode 100644 index 0388cd02..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard - ports: - # ports that this service should serve on - - name: 'analytics-dashboard' - port: 9643 - protocol: TCP diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml deleted file mode 100644 index d0671d5d..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml +++ /dev/null @@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. - # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. - COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the --debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. '{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml deleted file mode 100644 index 3d8f2cfa..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml +++ /dev/null @@ -1,583 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{- end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml deleted file mode 100644 index dd6c8f8b..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift' - port: 7612 - protocol: TCP - - name: 'thrift-ssl' - port: 7712 - protocol: TCP diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml deleted file mode 100644 index 3aa6bf45..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - name: 'rest-api-port-1' - protocol: TCP - port: 7444 diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml deleted file mode 100644 index 8ce11630..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml +++ /dev/null @@ -1,129 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 - protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml similarity index 62% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml index 7155ec70..6609c04b 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,11 +15,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-conf + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-conf namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.config }} + {{ if .Values.wso2.deployment.am.cp.config }} data: - {{- range $index, $content := .Values.wso2.deployment.am.config }} + {{- range $index, $content := .Values.wso2.deployment.am.cp.config }} {{ $index }}: |- {{ tpl $content $ | indent 4 }} {{- end }} @@ -28,13 +28,11 @@ data: data: deployment.toml: |- [server] - hostname = "{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}" - node_ip = "$env{NODE_IP}" + hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false - server_role = "default" + server_role = "control-plane" [super_admin] username = "admin" @@ -80,18 +78,20 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." show_as_token_endpoint_url = true - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" username= "${admin.username}" password= "${admin.password}" ws_endpoint = "ws://localhost:9099" wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" #[apim.cache.gateway_token] #enable = true @@ -121,61 +121,25 @@ data: #[apim.cache.tags] #expiry_time = "2m" - [apim.analytics] - enable = true - store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" - [apim.key_manager] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" + username = "$ref{super_admin.username}" + password = "$ref{super_admin.password}" #pool.init_idle_capacity = 50 #pool.max_idle = 100 #key_validation_handler_type = "default" #key_validation_handler_type = "custom" #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - #[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - [apim.oauth_config] + #[apim.oauth_config] #enable_outbound_auth_header = false #auth_header = "Authorization" - revoke_endpoint = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/revoke" + #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" #enable_token_encryption = false #enable_token_hashing = false [apim.devportal] - url = "https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal" + url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal" #enable_application_sharing = false #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api @@ -186,47 +150,39 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] - event_duplicate_url = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/" + event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" #enable_data_publishing = true #enable_policy_deploy = true #enable_blacklist_condition = true #enable_persistence = true - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = "0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 + throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] type = "loadbalance" [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "failover" + #[apim.workflow] #enable = false #service_url = "https://localhost:9445/bpmn" @@ -293,12 +249,12 @@ data: proxyPort = 443 [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml similarity index 64% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml index 748dae1e..7cbd5ff3 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-deployment + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-deployment namespace: {{ .Release.Namespace }} spec: replicas: 1 @@ -23,15 +23,15 @@ spec: type: Recreate selector: matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-1 + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1 template: metadata: annotations: - checksum.am.conf: {{ include (print $.Template.BasePath "/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml") . | sha256sum }} + checksum.am.conf: {{ include (print $.Template.BasePath "/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml") . | sha256sum }} labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-1 + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1 spec: initContainers: {{ if .Values.wso2.deployment.dependencies.mysql }} @@ -51,9 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -64,27 +61,27 @@ spec: - /bin/sh - -c - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds }} + initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.periodSeconds }} readinessProbe: exec: command: - /bin/sh - -c - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds }} + initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.periodSeconds }} lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.cpu }} + memory: {{ .Values.wso2.deployment.am.cp.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.am.cp.resources.requests.cpu }} limits: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.cpu }} + memory: {{ .Values.wso2.deployment.am.cp.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.am.cp.resources.limits.cpu }} securityContext: runAsUser: 802 ports: @@ -99,15 +96,15 @@ spec: - containerPort: 5672 protocol: "TCP" env: + - name: PROFILE_NAME + value: control-plane - name: NODE_IP valueFrom: fieldRef: fieldPath: status.podIP - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xmx }}" + value: "-Xms{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} @@ -129,25 +126,22 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-shared-executionplans-volume-claim - name: wso2am-conf configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-conf + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - name: wso2am-local-carbon-database-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-1-local-carbon-database-volume-claim + claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-local-carbon-database-volume-claim - name: wso2am-solr-indexed-data-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-1-solr-indexed-data-volume-claim + claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-solr-indexed-data-volume-claim - name: wso2am-conf-entrypoint configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-conf-entrypoint defaultMode: 0407 {{ end }} {{ if .Values.wso2.deployment.dependencies.mysql }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml similarity index 76% rename from advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml index 44041d3b..8bfb47c4 100644 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,24 +15,24 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service - namespace: {{ .Release.Namespace }} + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service + namespace : {{ .Release.Namespace }} spec: # label keys and values that must match in order to receive traffic for this service - clusterIP: None selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1 ports: # ports that this service should serve on - name: binary - port: 9611 protocol: TCP - targetPort: 9611 + port: 9611 - name: binary-secure - port: 9711 protocol: TCP - targetPort: 9711 + port: 9711 - name: jms-tcp + protocol: TCP port: 5672 + - name: servlet-https protocol: TCP - targetPort: 5672 + port: 9443 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml similarity index 63% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml index acdde69e..d4d56ad3 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,11 +15,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-conf + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-conf namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.config }} + {{ if .Values.wso2.deployment.am.cp.config }} data: - {{- range $index, $content := .Values.wso2.deployment.am.config }} + {{- range $index, $content := .Values.wso2.deployment.am.cp.config }} {{ $index }}: |- {{ tpl $content $ | indent 4 }} {{- end }} @@ -28,13 +28,12 @@ data: data: deployment.toml: |- [server] - hostname = "{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}" + hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}" node_ip = "$env{NODE_IP}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false - server_role = "default" + server_role = "control-plane" [super_admin] username = "admin" @@ -80,18 +79,20 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." show_as_token_endpoint_url = true - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" username= "${admin.username}" password= "${admin.password}" ws_endpoint = "ws://localhost:9099" wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" #[apim.cache.gateway_token] #enable = true @@ -121,61 +122,25 @@ data: #[apim.cache.tags] #expiry_time = "2m" - [apim.analytics] - enable = true - store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" - [apim.key_manager] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" + username = "$ref{super_admin.username}" + password = "$ref{super_admin.password}" #pool.init_idle_capacity = 50 #pool.max_idle = 100 #key_validation_handler_type = "default" #key_validation_handler_type = "custom" #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - #[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - [apim.oauth_config] + #[apim.oauth_config] #enable_outbound_auth_header = false #auth_header = "Authorization" - revoke_endpoint = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/revoke" + #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" #enable_token_encryption = false #enable_token_hashing = false [apim.devportal] - url = "https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal" + url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal" #enable_application_sharing = false #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api @@ -186,47 +151,39 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] - event_duplicate_url = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672"] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/" + event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672"] + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" #enable_data_publishing = true #enable_policy_deploy = true #enable_blacklist_condition = true #enable_persistence = true - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = "0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 + throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] type = "loadbalance" [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "failover" + #[apim.workflow] #enable = false #service_url = "https://localhost:9445/bpmn" @@ -293,12 +250,12 @@ data: proxyPort = 443 [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml similarity index 64% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml index 8abd064c..ef45c90b 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-deployment + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-deployment namespace: {{ .Release.Namespace }} spec: replicas: 1 @@ -23,15 +23,15 @@ spec: type: Recreate selector: matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2 template: metadata: annotations: - checksum.am.conf: {{ include (print $.Template.BasePath "/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml") . | sha256sum }} + checksum.am.conf: {{ include (print $.Template.BasePath "/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml") . | sha256sum }} labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2 spec: initContainers: {{ if .Values.wso2.deployment.dependencies.mysql }} @@ -51,9 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -64,27 +61,27 @@ spec: - /bin/sh - -c - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds }} + initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.periodSeconds }} readinessProbe: exec: command: - /bin/sh - -c - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds }} + initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.periodSeconds }} lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.cpu }} + memory: {{ .Values.wso2.deployment.am.cp.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.am.cp.resources.requests.cpu }} limits: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.cpu }} + memory: {{ .Values.wso2.deployment.am.cp.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.am.cp.resources.limits.cpu }} securityContext: runAsUser: 802 ports: @@ -99,15 +96,15 @@ spec: - containerPort: 5672 protocol: "TCP" env: + - name: PROFILE_NAME + value: control-plane - name: NODE_IP valueFrom: fieldRef: fieldPath: status.podIP - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xmx }}" + value: "-Xms{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} @@ -129,25 +126,22 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-shared-executionplans-volume-claim - name: wso2am-conf configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-conf + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - name: wso2am-local-carbon-database-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-2-local-carbon-database-volume-claim + claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-local-carbon-database-volume-claim - name: wso2am-solr-indexed-data-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-2-solr-indexed-data-volume-claim + claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-solr-indexed-data-volume-claim - name: wso2am-conf-entrypoint configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-conf-entrypoint defaultMode: 0407 {{ end }} {{ if .Values.wso2.deployment.dependencies.mysql }} diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml similarity index 74% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml rename to advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml index d1cd0de3..44f72d15 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,13 +15,13 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-service + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service namespace : {{ .Release.Namespace }} spec: # label keys and values that must match in order to receive traffic for this service selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-1 + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2 ports: # ports that this service should serve on - name: binary @@ -33,3 +33,6 @@ spec: - name: jms-tcp protocol: TCP port: 5672 + - name: servlet-https + protocol: TCP + port: 9443 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml similarity index 90% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml rename to advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml index 58a3d053..8e22b6d5 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml @@ -1,6 +1,6 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} +{{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-conf-entrypoint namespace: {{ .Release.Namespace }} data: docker-entrypoint.sh: | @@ -80,10 +80,10 @@ data: if [[ -z "${PROFILE_NAME}" ]] then # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@" else # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@" fi {{ end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml similarity index 60% rename from advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml rename to advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml index 7cb24f15..8c8dcbbd 100644 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-ingress + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }} +{{- if .Values.wso2.deployment.am.cp.ingress.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.am.cp.ingress.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - {{ .Values.wso2.deployment.am.cp.ingress.hostname }} rules: - - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - host: {{ .Values.wso2.deployment.am.cp.ingress.hostname }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-service - servicePort: 9643 + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service + servicePort: 9443 diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml similarity index 82% rename from advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml rename to advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml index 73dda963..d5d362e6 100644 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,14 +15,17 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service namespace : {{ .Release.Namespace }} spec: # label keys and values that must match in order to receive traffic for this service selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp ports: # ports that this service should serve on + - name: servlet-http + protocol: TCP + port: 9763 - name: servlet-https protocol: TCP port: 9443 diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml similarity index 81% rename from advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml rename to advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml index d92ff7fb..fe3ee17c 100644 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml @@ -1,6 +1,4 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +15,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-local-carbon-database-volume-claim + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-local-carbon-database-volume-claim namespace : {{ .Release.Namespace }} spec: accessModes: @@ -27,12 +25,14 @@ spec: storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} + --- apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-solr-indexed-data-volume-claim + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-solr-indexed-data-volume-claim namespace : {{ .Release.Namespace }} spec: accessModes: @@ -47,7 +47,7 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-local-carbon-database-volume-claim + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-local-carbon-database-volume-claim namespace : {{ .Release.Namespace }} spec: accessModes: @@ -62,7 +62,7 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-solr-indexed-data-volume-claim + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-solr-indexed-data-volume-claim namespace : {{ .Release.Namespace }} spec: accessModes: @@ -71,5 +71,4 @@ spec: requests: storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml b/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml deleted file mode 100644 index 4fb6d516..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - template: - metadata: - annotations: - checksum.am.devportal.conf: {{ include (print $.Template.BasePath "/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-devportal -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-devportal - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-devportal-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-devportal-indexed-data-volume - mountPath: /home/wso2carbon/solr/indexed-data - - name: wso2am-devportal-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-devportal-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint - defaultMode: 0407 - - name: wso2am-devportal-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-local-carbon-database-volume-claim - - name: wso2am-devportal-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml deleted file mode 100644 index 3501078c..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml +++ /dev/null @@ -1,163 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.devportal.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.devportal.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role="api-devportal" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.gateway.environment]] - name= "Production and Sandbox" - type= "hybrid" - display_in_api_console= true - description= "This is a hybrid gateway that handles both production and sandbox token traffic." - service_url= "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint= "ws://api.gw.wso2.com:9099" - http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - show_as_token_endpoint_url = true - - [apim.analytics] - enable = "true" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - [apim.cache.recent_apis] - enable = false - - [apim.cache.scopes] - enable = true - - [apim.cache.tags] - expiry_time = 120000 - - [apim.devportal] - enable_application_sharing = true - application_sharing_type = "default" #changed to type, saml, default - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.DefaultGroupIDExtractorImpl" - display_multiple_versions = false - display_deprecated_apis = false - enable_comments = true - enable_ratings = true - enable_forum = true - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - # Traffic Manager configurations - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [transport.https.properties] - proxyPort = 443 - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - [database.local] - url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [indexing] - location = "/home/wso2carbon/solr/indexed-data" - {{ else }} - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - {{ end }} - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index 1034654e..c91ebad6 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -60,7 +60,7 @@ data: # key manager implementation [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" username= "$ref{super_admin.username}" password= "$ref{super_admin.password}" @@ -75,37 +75,41 @@ data: #enable_user_claims = true #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever" + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] + # Traffic Manager configurations [apim.throttling] username= "$ref{super_admin.username}" password= "$ref{super_admin.password}" - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/services/" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" + throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] enable_unlimited_tier = true enable_header_based_throttling = false enable_jwt_claim_based_throttling = false enable_query_param_based_throttling = false [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] type = "loadbalance" [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" + {{ if .Values.wso2.choreoAnalytics.enabled }} [apim.analytics] - enable = "true" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} # Caches [apim.cache.gateway_token] @@ -130,20 +134,10 @@ data: allow_credentials = false [transport.https.properties] + port = 9443 proxyPort = 443 [transport.passthru_https.sender.parameters] HostnameVerifier = "AllowAll" - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] {{- end }} diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml index f9d14e52..e11cf1b6 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml @@ -30,23 +30,14 @@ spec: template: metadata: annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml") . | sha256sum }} + checksum.am.gw.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml") . | sha256sum }} labels: deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway spec: initContainers: - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - - name: init-tm-1 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of TM instance one deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service 9611; do sleep 1; printf "-"; done; echo -e " >> TM instance one has started";'] - - name: init-tm-2 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of TM instance two deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service 9611; do sleep 1; printf "-"; done; echo -e " >> TM instance two has started";'] + - name: init-cp + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Control Plane deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service 9443; do sleep 1; printf "-"; done; echo -e " >> Control Plane has started";'] containers: - name: wso2am-gateway {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 8 }} @@ -80,7 +71,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -100,8 +91,6 @@ spec: - containerPort: 9443 protocol: TCP volumeMounts: - - name: wso2am-gateway-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-gateway-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf serviceAccountName: {{ .Values.kubernetes.serviceAccount }} @@ -113,9 +102,6 @@ spec: - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-gateway-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - name: wso2am-gateway-conf configMap: name: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-conf diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml index 8bbe2480..5b86382b 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml @@ -35,3 +35,9 @@ spec: - name: servlet-https protocol: TCP port: 9443 + - name: websub-http + protocol: TCP + port: 9021 + - name: websub-https + protocol: TCP + port: 8021 diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml similarity index 56% rename from advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml rename to advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml index 843d550f..08e40266 100644 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-ingress + name: {{ template "am-pattern-3.resource.prefix" . }}-am-websub-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }} +{{- if .Values.wso2.deployment.am.websub.ingress.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.am.websub.ingress.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - {{ .Values.wso2.deployment.am.websub.ingress.hostname }} rules: - - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - host: {{ .Values.wso2.deployment.am.websub.ingress.hostname }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-service - servicePort: 9643 + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service + servicePort: 8021 diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml b/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml deleted file mode 100644 index 561287d9..00000000 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.km.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.km.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ template "am-pattern-3.resource.prefix" . }}-km" - node_ip = "$env{NODE_IP}" - server_role = "api-key-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml b/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml deleted file mode 100644 index e71e243a..00000000 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-statefulset - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - replicas: {{ .Values.wso2.deployment.am.km.replicas }} - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-km-service - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/km/wso2am-pattern-3-am-km-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - containers: - - name: wso2am-km -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: api-key-manager - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9763 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-km-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-km-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-conf - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml b/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml deleted file mode 100644 index 13866eb9..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - template: - metadata: - annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-publisher -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-publisher - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-publisher-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-publisher-indexed-data-volume - mountPath: /home/wso2carbon/solr/indexed-data - - name: wso2am-publisher-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-publisher-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - defaultMode: 0407 - - name: wso2am-publisher-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-local-carbon-database-volume-claim - - name: wso2am-publisher-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml b/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml deleted file mode 100644 index b31d7b5b..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - template: - metadata: - annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-publisher -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-publisher - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-publisher-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-publisher-indexed-data-volume - mountPath: /home/wso2carbon/solr/indexed-data - - name: wso2am-publisher-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-publisher-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - defaultMode: 0407 - - name: wso2am-publisher-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-local-carbon-database-volume-claim - - name: wso2am-publisher-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml deleted file mode 100644 index b70ac005..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml +++ /dev/null @@ -1,89 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # Copying carbon_db - if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db - then - echo "Copying WSO2CARBON_DB.mv.db" >&2 - cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/ - fi - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! -z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml deleted file mode 100644 index dea69af3..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml +++ /dev/null @@ -1,160 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.am.publisher.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.publisher.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role = "api-publisher" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[apim.gateway.environment]] - name= "Production and Sandbox" - type= "hybrid" - display_in_api_console= true - description= "This is a hybrid gateway that handles both production and sandbox token traffic." - service_url= "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" - username= "${admin.username}" - password= "${admin.password}" - http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [apim.analytics] - enable = "true" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - # Traffic Manager configurations - [apim.throttling] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.cache.scopes] - enable = true - - [apim.cache.publisher_roles] #check the usage and move to dev role - enable = true - - [apim.devportal] - url = "https://{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}/devportal" - - [apim.workflow] - enable = false - service_url = "https://localhost:9445/bpmn" - username = "$ref{super_admin.username}" - password = "$ref{super_admin.password}" - callback_endpoint = "https://localhost:9443/api/am/publisher/v0.16/workflows/update-workflow-status" - token_endpoint = "https://localhost:8243/token" - client_registration_endpoint = "https://localhost:9443/client-registration/v0.17/register" - client_registration_username = "$ref{super_admin.username}" - client_registration_password = "$ref{super_admin.password}" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [transport.https.properties] - proxyPort = 443 - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - [database.local] - url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [indexing] - location = "/home/wso2carbon/solr/indexed-data" - {{ else }} - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - {{ end }} - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml deleted file mode 100644 index 31c66c50..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - ports: - # ports that this service should serve on - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml deleted file mode 100644 index 2fe40a73..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml +++ /dev/null @@ -1,76 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml deleted file mode 100644 index 45f8e3a0..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - # statefulset array index of the Traffic Manager node - index=${HOSTNAME##*-} - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! -z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # override the event duplicate URL based on the instance index - if [ "${index}" = "0" ]; then - sed -ir "s/TM_INDEX/1/g" ${WSO2_SERVER_HOME}/repository/conf/deployment.toml - elif [ "${index}" = "1" ]; then - sed -ir "s/TM_INDEX/0/g" ${WSO2_SERVER_HOME}/repository/conf/deployment.toml - else - echo "Invalid Traffic Manager index" - exit 1 - fi - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml deleted file mode 100644 index b0c5e998..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.am.tm.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.tm.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} - -data: - deployment.toml: |- - [server] - #hostname = "{{ template "am-pattern-3.resource.prefix" . }}-tm" - node_ip = "$env{NODE_IP}" - server_role = "traffic-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:9443/services/" - - [apim.oauth_config] - revoke_endpoint = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:9443/oauth2/revoke" - enable_token_encryption = false - enable_token_hashing = false - - [apim.throttling] - event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-TM_INDEX.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml deleted file mode 100644 index 626836c0..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-service - namespace: {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - ports: - # ports that this service should serve on - - name: service - port: 9443 - protocol: TCP - targetPort: 9443 diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml deleted file mode 100644 index 9cbef179..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service - template: - metadata: - annotations: - checksum.am.tm.conf: {{ include (print $.Template.BasePath "/am/tm/wso2am-pattern-3-am-tm-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-tm -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: "traffic-manager" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9611 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9611 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9611 - protocol: TCP - - containerPort: 9711 - protocol: TCP - - containerPort: 5672 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-tm-shared-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-tm-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - - name: wso2am-tm-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-tm-shared-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-shared-executionplans-volume-claim - - name: wso2am-tm-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf - - name: wso2am-tm-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf-entrypoint - defaultMode: 0407 - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml deleted file mode 100644 index d88705f3..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} diff --git a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml new file mode 100644 index 00000000..815d31ca --- /dev/null +++ b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml @@ -0,0 +1,101 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-3.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 + template: + metadata: + labels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 + spec: + initContainers: + - name: init-cp + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Control Plane deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service 9443; do sleep 1; printf "-"; done; echo -e " >> Control Plane has started";'] + - name: init-gw + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Gateway deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service 8243; do sleep 1; printf "-"; done; echo -e " >> Gateway has started";'] + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-wso2-private-registry-creds + {{ end }} diff --git a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml new file mode 100644 index 00000000..a7b75364 --- /dev/null +++ b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml @@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-management-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} + rules: + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-service + servicePort: 9164 diff --git a/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml b/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml new file mode 100644 index 00000000..628b81c6 --- /dev/null +++ b/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml @@ -0,0 +1,50 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-service + namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 +{{ include "am-pattern-3.labels" . | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8290 + targetPort: 8290 + protocol: TCP + name: pass-through-http + - port: 8253 + targetPort: 8253 + protocol: TCP + name: pass-through-https + - port: 9201 + targetPort: 9201 + protocol: TCP + name: metrics + - port: 9164 + targetPort: 9164 + protocol: TCP + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 + protocol: TCP + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml new file mode 100644 index 00000000..3745715d --- /dev/null +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml @@ -0,0 +1,30 @@ +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} +# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $username := .Values.wso2.subscription.username }} +{{- $password := .Values.wso2.subscription.password }} +{{- $email := .Values.wso2.subscription.username }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} +{{- $auth := printf "%s:%s" $username $password | b64enc }} +{{- $files := .Files }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-wso2-private-registry-creds + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }} +{{ end }} diff --git a/advanced/am-pattern-3/values.yaml b/advanced/am-pattern-3/values.yaml index 66085133..917e7d9b 100644 --- a/advanced/am-pattern-3/values.yaml +++ b/advanced/am-pattern-3/values.yaml @@ -19,6 +19,13 @@ wso2: subscription: username: "" password: "" + + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" deployment: dependencies: @@ -35,14 +42,6 @@ wso2: # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) storageClass: &storage_class "nfs" - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - # Persistent runtime artifacts for Apache Solr-based indexing apacheSolrIndexing: # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled @@ -60,7 +59,7 @@ wso2: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value # dockerRegistry: "" imageName: "wso2am" - imageTag: "3.2.0" + imageTag: "4.0.0" # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always @@ -98,6 +97,17 @@ wso2: # How often (in seconds) to perform the probe periodSeconds: 10 + # API Manager's WebSub specific configurations + websub: + # Configure Ingress + ingress: + # Hostname for Gateway (WebSub) service + hostname: "websub.am.wso2.com" + # Annotations for the API Manager Gateway (WebSub) service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + # API Manager's Gateway specific configurations gateway: # Configure Ingress @@ -126,190 +136,115 @@ wso2: # deployment.toml: |- # # deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - # API Manager's Key Manager specific configurations - km: - # Number of deployment replicas - replicas: 2 - - # If the deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> km -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # API Manager's Publisher specific configurations - publisher: - # Configure Ingress - ingress: - # Hostname for Publisher profile - hostname: "publisher.am.wso2.com" - # Annotations for the API Manager Publisher service Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - # If the deployment configurations for the Publisher profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> publisher -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Publisher profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # API Manager's Control Plane specific configurations + cp: + # Indicates whether the container is running + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + # Indicates whether the container is ready to service requests + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 - # API Manager's DevPortal specific configurations - devportal: # Configure Ingress ingress: - # Hostname for DevPortal profile - hostname: "devportal.am.wso2.com" - # Annotations for the API Manager DevPortal service Ingress + # Hostname for Control Plane profile + hostname: "am.wso2.com" + # Annotations for the API Manager Control Plane service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" nginx.ingress.kubernetes.io/affinity: "cookie" nginx.ingress.kubernetes.io/session-cookie-name: "route" nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - # If the deployment configurations for the DevPortal profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> devportal -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the DevPortal profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # API Manager's Traffic Manager specific configurations - tm: - # If the deployment configurations for the Traffic Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> tm -> instanceOne -> config -> deployment.toml) - config: "" -# deployment.toml: |- -# # deployment configurations for the Traffic Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. - # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods. - maxSurge: 1 - # The maximum number of pods that can be unavailable during the update. - maxUnavailable: 0 - - # Indicates whether the container is running. - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # Indicates whether the container is ready to service requests. - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - -# # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), -# # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) + replicas: 2 resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). + # These are the minimum resource recommendations for running WSO2 API Management Control Plane deployment + # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) requests: - memory: "4Gi" + memory: "2Gi" cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. limits: - memory: "4Gi" - cpu: "2000m" + memory: "3Gi" + cpu: "3000m" # JVM settings # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) + # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) jvm: # Resource allocation for the Java Heap heap: memory: # Initial and minimum Heap size - xms: "2048m" + xms: "1024m" # Maximum Heap size - xmx: "2048m" + xmx: "1024m" - # Configure Ingress - ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress +# config: +# deployment.toml: |- +# # deployment configurations for the Control Plane profile of WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) + + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. + # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator + resources: + requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false + + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - worker: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. - # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Indicates whether the container is running. - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # Indicates whether the container is ready to service requests. - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - kubernetes: # Name of Kubernetes service account serviceAccount: "wso2am-pattern-3-svc-account" diff --git a/advanced/mysql-am/Chart.yaml b/advanced/mysql-am/Chart.yaml index c4d26fca..a01e332a 100644 --- a/advanced/mysql-am/Chart.yaml +++ b/advanced/mysql-am/Chart.yaml @@ -16,5 +16,5 @@ apiVersion: v1 appVersion: "5.7" description: A Helm chart for MySQL based deployment of WSO2 API Management Datasources name: mysql-am -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/mysql-am/values.yaml b/advanced/mysql-am/values.yaml index 37391ec4..afb0f4aa 100644 --- a/advanced/mysql-am/values.yaml +++ b/advanced/mysql-am/values.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. mysql: - imageTag: "5.7.31" + imageTag: "5.7.34" mysqlRootPassword: root mysqlUser: wso2carbon mysqlPassword: wso2carbon @@ -26,27 +26,6 @@ mysql: [mysqld] max_connections = 10000 initializationFiles: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_DASHBOARD_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - DROP DATABASE IF EXISTS WSO2_CLUSTER_DB; - DROP DATABASE IF EXISTS WSO2_PERSISTENCE_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_DASHBOARD_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - CREATE DATABASE WSO2_CLUSTER_DB; - CREATE DATABASE WSO2_PERSISTENCE_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_DASHBOARD_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2_CLUSTER_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2_PERSISTENCE_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; mysql_apim.sql: |- DROP DATABASE IF EXISTS WSO2AM_DB; CREATE DATABASE WSO2AM_DB; @@ -56,1008 +35,1130 @@ mysql: -- Start of IDENTITY Tables-- CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) + PRODUCT_NAME VARCHAR(20), + PRIMARY KEY (PRODUCT_NAME) )ENGINE INNODB; INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY VARCHAR(255), + CONSUMER_SECRET VARCHAR(2048), + USERNAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT 0, + USER_DOMAIN VARCHAR(50), + APP_NAME VARCHAR(255), + OAUTH_VERSION VARCHAR(128), + CALLBACK_URL VARCHAR(2048), + GRANT_TYPES VARCHAR (1024), + PKCE_MANDATORY CHAR(1) DEFAULT '0', + PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, + ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + REQUEST_TOKEN VARCHAR(255), + REQUEST_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHORIZED VARCHAR(128), + OAUTH_VERIFIER VARCHAR(512), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (REQUEST_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + ACCESS_TOKEN VARCHAR(255), + ACCESS_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ACCESS_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + TOKEN_ID VARCHAR (255), + TOKEN_BINDING_TYPE VARCHAR (32), + TOKEN_BINDING_REF VARCHAR (32), + TOKEN_BINDING_VALUE VARCHAR (1024), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NULL, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25), + TOKEN_STATE_ID VARCHAR (128) , + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + INVALIDATED_TIME TIMESTAMP NULL, + IDP_ID INTEGER DEFAULT -1 NOT NULL ); CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + CODE_ID VARCHAR (255), + AUTHORIZATION_CODE VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + STATE VARCHAR (25) DEFAULT 'ACTIVE', + TOKEN_ID VARCHAR(255), + SUBJECT_IDENTIFIER VARCHAR(255), + PKCE_CODE_CHALLENGE VARCHAR(255), + PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + PRIMARY KEY (CODE_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE + CODE_ID VARCHAR(255), + SCOPE VARCHAR(60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (CODE_ID, SCOPE), + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + CODE_ID VARCHAR(255), + DEVICE_CODE VARCHAR(255), + USER_CODE VARCHAR(25), + CONSUMER_KEY_ID INTEGER, + LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + POLL_TIME BIGINT, + STATUS VARCHAR (25) DEFAULT 'PENDING', + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + IDP_ID INTEGER, + PRIMARY KEY (DEVICE_CODE), + UNIQUE (CODE_ID), + UNIQUE (USER_CODE), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + SCOPE_ID VARCHAR(255), + SCOPE VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + RESOURCE_PATH VARCHAR(255) NOT NULL, + SCOPE_ID INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + ROLE_NAME VARCHAR(255) NOT NULL, + ATTR_NAME VARCHAR(1024) NOT NULL, + ATTR_VALUE VARCHAR(1024), + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + COOKIE_VALUE VARCHAR(1024), + CREATED_TIME TIMESTAMP, + PRIMARY KEY (USER_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + RP_URL VARCHAR(255) NOT NULL, + TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', + LAST_VISIT DATE NOT NULL, + VISIT_COUNT INTEGER DEFAULT 0, + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', + PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) + HANDLE VARCHAR(255) NOT NULL, + ASSOC_TYPE VARCHAR(255) NOT NULL, + EXPIRE_IN TIMESTAMP NOT NULL, + MAC_KEY VARCHAR(255) NOT NULL, + ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (HANDLE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + TOKEN_ID VARCHAR(255) NOT NULL, + TOKEN_CONTENT BLOB(1024) NOT NULL, + CREATE_DATE TIMESTAMP NOT NULL, + EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + STATE INTEGER DEFAULT 0, + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) + TENANT_ID INTEGER DEFAULT -1234, + USER_NAME VARCHAR(255) NOT NULL, + DATA_KEY VARCHAR(255) NOT NULL, + DATA_VALUE VARCHAR(2048), + PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + METADATA_TYPE VARCHAR(255) NOT NULL, + METADATA VARCHAR(255) NOT NULL, + VALID VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) + SESSION_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + CREATED_TIME VARCHAR(255) NOT NULL, + LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (SESSION_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + IDP_ID INTEGER NOT NULL, + PRIMARY KEY (USER_ID), + CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); + USER_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) + SESSION_ID VARCHAR (100) NOT NULL, + SUBJECT VARCHAR (100) NOT NULL, + APP_ID INTEGER NOT NULL, + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) + SESSION_ID VARCHAR (100) NOT NULL, + PROPERTY_TYPE VARCHAR (100) NOT NULL, + VALUE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + APP_NAME VARCHAR (255) NOT NULL , + USER_STORE VARCHAR (255) NOT NULL, + USERNAME VARCHAR (255) NOT NULL , + DESCRIPTION VARCHAR (1024), + ROLE_CLAIM VARCHAR (512), + AUTH_TYPE VARCHAR (255) NOT NULL, + PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), + IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', + IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', + IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', + IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', + SUBJECT_CLAIM_URI VARCHAR (512), + IS_SAAS_APP CHAR(1) DEFAULT '0', + IS_DUMB_MODE CHAR(1) DEFAULT '0', + UUID CHAR(36), + IMAGE_URL VARCHAR(1024), + ACCESS_URL VARCHAR(1024), + IS_DISCOVERABLE CHAR(1) DEFAULT '0', + + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + INBOUND_AUTH_KEY VARCHAR (255), + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, + PROP_NAME VARCHAR (255), + PROP_VALUE VARCHAR (1024) , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + STEP_ORDER INTEGER DEFAULT 1, + APP_ID INTEGER NOT NULL , + IS_SUBJECT_STEP CHAR(1) DEFAULT '0', + IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_ID INTEGER NOT NULL, + PRIMARY KEY (ID, AUTHENTICATOR_ID) )ENGINE INNODB; ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_CLAIM VARCHAR (512) NOT NULL , + SP_CLAIM VARCHAR (512) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', + DEFAULT_VALUE VARCHAR(255), + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_ROLE VARCHAR (255) NOT NULL , + SP_ROLE VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_NAME VARCHAR (255) NOT NULL , + CONNECTOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', + BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID)); CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (ID), + CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + LONG_WAIT_KEY VARCHAR(255) NOT NULL, + WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_CLAIM_ID INTEGER, + TENANT_ID INTEGER, + LOCAL_CLAIM VARCHAR(253), + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), + FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '1', + DISPLAY_NAME VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + AUTHENTICATOR_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047), + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), + FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '0', + IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + PROVISIONING_CONFIG_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2048), + PROPERTY_BLOB_VALUE BLOB, + PROPERTY_TYPE CHAR(32) NOT NULL, + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + PROVISIONING_CONFIG_ID INTEGER, + ENTITY_TYPE VARCHAR(255) NOT NULL, + ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, + ENTITY_NAME VARCHAR(255) NOT NULL, + ENTITY_VALUE VARCHAR(255), + TENANT_ID INTEGER, + ENTITY_LOCAL_ID VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), + UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + IDP_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + ASSOCIATION_ID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) + )ENGINE INNODB; CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + USER_HANDLE VARCHAR(64) NOT NULL, + CREDENTIAL_ID VARCHAR(200) NOT NULL, + PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, + SIGNATURE_COUNT BIGINT, + USER_IDENTITY VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(255), + IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', + PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(255), + HOST_URL_WORKER VARCHAR(255), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(1023), + CALLBACK_HOST VARCHAR (45), + CALLBACK_USERNAME VARCHAR (45), + CALLBACK_PASSWORD VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER NOT NULL, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + ASSERTION BLOB , + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) + ID INT(11) NOT NULL AUTO_INCREMENT, + SOURCE_ID VARCHAR(255) NOT NULL, + MESSAGE_HANDLER VARCHAR(255) NOT NULL, + AUTHN_REQ_DTO BLOB NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + EXP_TIMESTAMP TIMESTAMP NOT NULL, + INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + ASSERTION_ID VARCHAR(255), + PRIMARY KEY (`ID`) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , + VALUE VARCHAR(255) , + IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + SCOPE_ID INTEGER NOT NULL, + EXTERNAL_CLAIM_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, + FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DATA BLOB NOT NULL, + PRIMARY KEY (TENANT_ID,NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE + AUTH_CODE_KEY CHAR (36), + AUTH_REQ_ID CHAR (36), + ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + CONSUMER_KEY VARCHAR(255), + LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + POLLING_INTERVAL INTEGER, + EXPIRES_IN INTEGER, + AUTHENTICATED_USER_NAME VARCHAR(255), + USER_STORE_DOMAIN VARCHAR(100), + TENANT_ID INTEGER, + AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', + IDP_ID INTEGER, + UNIQUE(AUTH_REQ_ID), + PRIMARY KEY (AUTH_CODE_KEY), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE + AUTH_CODE_KEY CHAR (36), + SCOPE VARCHAR (255), + FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; + IDP_SESSION_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + IDP_NAME VARCHAR(255) NOT NULL, + AUTHENTICATOR_ID VARCHAR(255), + PROTOCOL_TYPE VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (IDP_SESSION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) + )ENGINE INNODB; + + INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES + ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), + ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), + ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + NAME VARCHAR(255) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + HAS_FILE tinyint(1) NOT NULL, + HAS_ATTRIBUTE tinyint(1) NOT NULL, + TYPE_ID VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES + IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( + ID VARCHAR(255) NOT NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + ATTR_KEY VARCHAR(255) NOT NULL, + ATTR_VALUE VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) + REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( + ID VARCHAR(255) NOT NULL, + VALUE BLOB NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES + IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + IS_ENABLED CHAR(1) NOT NULL, + REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, + ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, + CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, + REMOTE_FETCH_NAME VARCHAR(255), + REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, + ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) + )ENGINE INNODB; + + CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( + ID VARCHAR(255) NOT NULL, + CONFIG_ID VARCHAR(255) NOT NULL, + FILE_PATH VARCHAR(255) NOT NULL, + FILE_HASH VARCHAR(255), + DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + DEPLOYMENT_STATUS VARCHAR(255), + ITEM_NAME VARCHAR(255), + DEPLOY_ERR_LOG MEDIUMTEXT, + PRIMARY KEY (ID), + FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, + CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, + FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, + FUNCTIONALITY_LOCK_REASON VARCHAR(1023), + FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + PROPERTY_NAME VARCHAR(255), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( + ID INT NOT NULL AUTO_INCREMENT, + TENANT_ID INT NOT NULL, + ORIGIN VARCHAR(2048) NOT NULL, + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (UUID) + ) ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( + IDN_CORS_ORIGIN_ID INT NOT NULL, + SP_APP_ID INT NOT NULL, + + PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), + FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, + FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE + ) ENGINE INNODB; -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- @@ -1133,130 +1234,140 @@ mysql: -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); + -- IDN_REMOTE_FETCH_REVISIONS -- + CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); + + -- End of IDENTITY Tables-- -- Start of CONSENT-MGT Tables -- CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) ); CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + PURPOSE_GROUP VARCHAR(255) NOT NULL, + GROUP_TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), + PRIMARY KEY (ID) ); CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) ); CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + IS_MANDATORY INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) ); CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) ); CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) ); ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); @@ -1265,290 +1376,301 @@ mysql: -- Start of API-MGT Tables -- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) + SUBSCRIBER_ID INTEGER AUTO_INCREMENT, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + EMAIL_ADDRESS VARCHAR(256) NULL, + DATE_SUBSCRIBED TIMESTAMP NOT NULL, + PRIMARY KEY (SUBSCRIBER_ID), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UNIQUE (TENANT_ID,USER_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) + APPLICATION_ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(100), + SUBSCRIBER_ID INTEGER, + APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', + CALLBACK_URL VARCHAR(512), + DESCRIPTION VARCHAR(512), + APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', + GROUP_ID VARCHAR(100), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UUID VARCHAR(256), + TOKEN_TYPE VARCHAR(10), + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY(APPLICATION_ID), + UNIQUE (NAME,SUBSCRIBER_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) + API_ID INTEGER AUTO_INCREMENT, + API_UUID VARCHAR(256), + API_PROVIDER VARCHAR(200), + API_NAME VARCHAR(200), + API_VERSION VARCHAR(30), + CONTEXT VARCHAR(256), + CONTEXT_TEMPLATE VARCHAR(256), + API_TIER VARCHAR(256), + API_TYPE VARCHAR(10), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR(30), + REVISIONS_CREATED INTEGER DEFAULT 0, + PRIMARY KEY(API_ID), + UNIQUE (API_PROVIDER,API_NAME,API_VERSION), + UNIQUE (API_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( + API_UUID VARCHAR(64), + REVISION_UUID VARCHAR(64), + API_TIER VARCHAR(128), + UNIQUE (API_UUID,REVISION_UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) + UUID VARCHAR(256), + API_ID INTEGER NOT NULL, + TYPE VARCHAR(256), + FIELD VARCHAR(256), + COMPLEXITY_VALUE INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY(UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - PRIMARY KEY (URL_MAPPING_ID) + URL_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER NOT NULL, + HTTP_METHOD VARCHAR(20) NULL, + AUTH_SCHEME VARCHAR(50) NULL, + URL_PATTERN VARCHAR(512) NULL, + THROTTLING_TIER varchar(512) DEFAULT NULL, + MEDIATION_SCRIPT BLOB, + REVISION_UUID VARCHAR(255), + PRIMARY KEY (URL_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) + SCOPE_NAME VARCHAR(255) NOT NULL, + URL_MAPPING_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) + API_ID INTEGER NOT NULL, + AUDIT_UUID VARCHAR(255) NOT NULL, + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (API_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) + API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + URL_MAPPING_ID INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(API_PRODUCT_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) + SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, + TIER_ID VARCHAR(50), + TIER_ID_PENDING VARCHAR(50), + API_ID INTEGER, + LAST_ACCESSED TIMESTAMP NULL, + APPLICATION_ID INTEGER, + SUB_STATUS VARCHAR(50), + SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UUID VARCHAR(256), + FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (SUBSCRIPTION_ID), + UNIQUE (UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) + UUID VARCHAR(100), + APPLICATION_ID INTEGER, + CONSUMER_KEY VARCHAR(255), + KEY_TYPE VARCHAR(512) NOT NULL, + STATE VARCHAR(30) NOT NULL, + CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', + KEY_MANAGER VARCHAR(100), + APP_INFO BLOB , + FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) + EVENT_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER NOT NULL, + PREVIOUS_STATE VARCHAR(50), + NEW_STATE VARCHAR(50) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + EVENT_DATE TIMESTAMP NOT NULL, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (EVENT_ID) )ENGINE INNODB; CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) + CONSUMER_KEY VARCHAR(255), + AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', + PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, - COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, - API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (COMMENT_ID) + COMMENT_ID VARCHAR(64) NOT NULL, + COMMENT_TEXT VARCHAR(512), + CREATED_BY VARCHAR(255), + CREATED_TIME TIMESTAMP NOT NULL, + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + API_ID INTEGER, + PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, + ENTRY_POINT VARCHAR(20), + CATEGORY VARCHAR(20) DEFAULT 'general', + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), + FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), + PRIMARY KEY (COMMENT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + RATING_ID VARCHAR(255) NOT NULL, + API_ID INTEGER, + RATING INTEGER, + SUBSCRIBER_ID INTEGER, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, PRIMARY KEY (RATING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) + TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, + TIER VARCHAR(50) NOT NULL, + PERMISSIONS_TYPE VARCHAR(50) NOT NULL, + ROLES VARCHAR(512) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY(TIER_PERMISSIONS_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + APISTORE_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + STORE_ID VARCHAR(255) NOT NULL, + STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, + STORE_ENDPOINT VARCHAR(255) NOT NULL, + STORE_TYPE VARCHAR(255) NOT NULL, + LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, PRIMARY KEY (APISTORE_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) + WF_ID INTEGER AUTO_INCREMENT, + WF_REFERENCE VARCHAR(255) NOT NULL, + WF_TYPE VARCHAR(255) NOT NULL, + WF_STATUS VARCHAR(255) NOT NULL, + WF_CREATED_TIME TIMESTAMP, + WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , + WF_STATUS_DESC VARCHAR(1000), + TENANT_ID INTEGER, + TENANT_DOMAIN VARCHAR(255), + WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, + WF_METADATA BLOB DEFAULT NULL, + WF_PROPERTIES BLOB DEFAULT NULL, + PRIMARY KEY (WF_ID), + UNIQUE (WF_EXTERNAL_REFERENCE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) + REG_ID INT AUTO_INCREMENT, + SUBSCRIBER_ID INT, + WF_REF VARCHAR(255) NOT NULL, + APP_ID INT, + TOKEN_TYPE VARCHAR(30), + TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', + INPUTS VARCHAR(1000), + ALLOWED_DOMAINS VARCHAR(256), + VALIDITY_PERIOD BIGINT, + KEY_MANAGER VARCHAR(255) NOT NULL, + UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (REG_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) + NAME VARCHAR(255) NOT NULL, + UUID VARCHAR (256), + TENANT_ID INTEGER, + PRIMARY KEY (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) + DEFAULT_VERSION_ID INT AUTO_INCREMENT, + API_NAME VARCHAR(256) NOT NULL , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , + PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , + PRIMARY KEY (DEFAULT_VERSION_ID) )ENGINE = INNODB; CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) + ID VARCHAR(100) NOT NULL, + STATE VARCHAR(50) NOT NULL, + STATUS VARCHAR(50) NOT NULL, + STARTED_TIME VARCHAR(50) NOT NULL, + PUBLISHED_TIME VARCHAR(50) NOT NULL, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) + ALERT_TYPE_ID INTEGER AUTO_INCREMENT, + ALERT_TYPE_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL, + PRIMARY KEY (ALERT_TYPE_ID) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) + ALERT_TYPE_ID INTEGER, + USER_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , + PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , + PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) + EMAIL_LIST_ID INTEGER, + EMAIL VARCHAR(255), + PRIMARY KEY (EMAIL_LIST_ID,EMAIL) )ENGINE = INNODB; INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); @@ -1564,420 +1686,527 @@ mysql: -- AM Throttling tables -- CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, + RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, + BILLING_PLAN VARCHAR(20) NOT NULL, + UUID VARCHAR(256), + MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, + FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, + BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, + PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, + CURRENCY VARCHAR(15) NULL DEFAULT NULL, + MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, + MAX_DEPTH INT(11) NOT NULL DEFAULT 0, + CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR (1024), + DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, + DEFAULT_QUOTA INTEGER NOT NULL, + DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, + DEFAULT_UNIT_TIME INTEGER NOT NULL, + DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, + APPLICABLE_LEVEL VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE + CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, + POLICY_ID INTEGER NOT NULL, + QUOTA_TYPE VARCHAR(25), + QUOTA INTEGER NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INTEGER NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, + PRIMARY KEY (CONDITION_GROUP_ID), + FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, + CONDITION_GROUP_ID INTEGER NOT NULL, + PARAMETER_NAME VARCHAR(255) DEFAULT NULL, + PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, + IS_PARAM_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (QUERY_PARAMETER_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, + CONDITION_GROUP_ID INTEGER NOT NULL, + HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, + HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, + IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (HEADER_FIELD_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, + CONDITION_GROUP_ID INTEGER NOT NULL, + CLAIM_URI VARCHAR(512) DEFAULT NULL, + CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, + IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (JWT_CLAIM_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) + AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, + STARTING_IP VARCHAR(45) NULL, + ENDING_IP VARCHAR(45) NULL, + SPECIFIC_IP VARCHAR(45) NULL, + WITHIN_IP_RANGE BOOLEAN DEFAULT 1, + CONDITION_GROUP_ID INT NULL, + PRIMARY KEY (AM_IP_CONDITION_ID), + INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) + REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + KEY_TEMPLATE VARCHAR(512) NOT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + SIDDHI_QUERY BLOB DEFAULT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) + THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, + TIER VARCHAR(50) NULL, + PERMISSIONS_TYPE VARCHAR(50) NULL, + ROLES VARCHAR(512) NULL, + TENANT_ID INT(11) NULL, + PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) ENGINE = InnoDB; CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) + `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, + `TYPE` varchar(45) DEFAULT NULL, + `VALUE` varchar(512) DEFAULT NULL, + `ENABLED` varchar(45) DEFAULT NULL, + `DOMAIN` varchar(45) DEFAULT NULL, + `UUID` VARCHAR(256), + PRIMARY KEY (`CONDITION_ID`), + UNIQUE (`UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(255) NOT NULL, + `END_POINT` VARCHAR(255) NOT NULL, + `CERTIFICATE` BLOB DEFAULT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(45) NOT NULL, + `API_ID` INTEGER NOT NULL, + `CERTIFICATE` BLOB NOT NULL, + `REMOVED` BOOLEAN NOT NULL DEFAULT 0, + `TIER_NAME` VARCHAR (512), + `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', + FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512) NOT NULL, + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED tinyint(1) DEFAULT FALSE, + FILE_CONTENT MEDIUMBLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) + ID INTEGER(11) NOT NULL AUTO_INCREMENT, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE + APPLICATION_ID int(11) NOT NULL, + NAME varchar(255) NOT NULL, + VALUE varchar(1024) NOT NULL, + TENANT_ID int(11) NOT NULL, + PRIMARY KEY (APPLICATION_ID,NAME), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(50) NOT NULL, + CONSUMER_KEY VARCHAR(512) NOT NULL, + CONSUMER_SECRET VARCHAR(512) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', + UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) ) ENGINE=InnoDB; -- BotDATA Email table -- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) + UUID VARCHAR(255), + CATEGORY VARCHAR(255), + NOTIFICATION_METHOD VARCHAR(255), + SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, + PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) ) ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) + UUID VARCHAR(255) NOT NULL, + SIGNATURE VARCHAR(2048) NOT NULL, + EXPIRY_TIMESTAMP BIGINT NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (UUID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) + UUID VARCHAR(50), + NAME VARCHAR(255), + DESCRIPTION VARCHAR(1024), + TENANT_ID INTEGER DEFAULT -1, + UNIQUE (NAME,TENANT_ID), + PRIMARY KEY (UUID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY(USER_ID) ) ENGINE=InnoDB; -- Tenant Themes Table -- CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) + TENANT_ID INTEGER NOT NULL, + THEME MEDIUMBLOB NOT NULL, + PRIMARY KEY (TENANT_ID) ) ENGINE=InnoDB; -- End of API-MGT Tables -- -- UMA tables -- CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_ID VARCHAR(255), + RESOURCE_NAME VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL, + RESOURCE_OWNER_NAME VARCHAR(255), + CLIENT_ID VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1234, + USER_DOMAIN VARCHAR(50), + PRIMARY KEY (ID) ); CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); + CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); + CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_IDENTITY INTEGER NOT NULL, + PROPERTY_KEY VARCHAR(40), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_IDENTITY INTEGER NOT NULL, + SCOPE_NAME VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT NOT NULL, + PT VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), + PRIMARY KEY (ID) ); CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_SCOPE_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY(USER_ID) ); CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); + UUID VARCHAR(50) NOT NULL, + NAME VARCHAR(100) NULL, + DISPLAY_NAME VARCHAR(100) NULL, + DESCRIPTION VARCHAR(256) NULL, + TYPE VARCHAR(45) NULL, + CONFIGURATION BLOB NULL, + ENABLED BOOLEAN DEFAULT 1, + TENANT_DOMAIN VARCHAR(100) NULL, + PRIMARY KEY (UUID), + UNIQUE (NAME,TENANT_DOMAIN) + ); -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- -- should not have any referential integrity constraints with other tables in AM database-- CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; + API_ID varchar(255) NOT NULL, + TENANT_DOMAIN varchar(255), + API_PROVIDER varchar(255), + API_NAME varchar(255), + API_VERSION varchar(255), + API_TYPE varchar(50), + PRIMARY KEY (API_ID) + )ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, + TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + )ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP )ENGINE INNODB; -- Performance indexes start-- @@ -2003,24 +2232,23 @@ mysql: GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); @@ -2029,45 +2257,45 @@ mysql: -- See CARBON-5917. CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, + REG_MEDIA_TYPE VARCHAR(500), + REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2079,20 +2307,20 @@ mysql: CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL, + REG_MEDIA_TYPE VARCHAR(500), + REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2101,20 +2329,20 @@ mysql: CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_COMMENT_TEXT VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_COMMENTED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_COMMENT_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2123,20 +2351,20 @@ mysql: CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_RATING INTEGER NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_RATED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_RATING_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2146,20 +2374,20 @@ mysql: CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_TAG_NAME VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_TAGGED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TAG_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2168,19 +2396,19 @@ mysql: CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_NAME VARCHAR(100) NOT NULL, + REG_VALUE VARCHAR(1000), + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_PROPERTY_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); @@ -2207,21 +2435,21 @@ mysql: CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) + REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, + REG_SOURCEPATH VARCHAR (750) NOT NULL, + REG_TARGETPATH VARCHAR (750) NOT NULL, + REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) + REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_ID INTEGER NOT NULL, + REG_RESOURCE_NAME VARCHAR(255), + REG_RESOURCE_VIDS LONGBLOB NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); @@ -2234,266 +2462,282 @@ mysql: -- ################################ CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_EMAIL VARCHAR(255), + UM_ACTIVE BOOLEAN DEFAULT FALSE, + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) )ENGINE INNODB; CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) + UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), + UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); + ON UM_TENANT (UM_DOMAIN_NAME); CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_USER_TENANT_ID INTEGER NOT NULL, + UM_ROLE_TENANT_ID INTEGER NOT NULL, + UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), + FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID) )ENGINE INNODB; CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ATTR_NAME VARCHAR(255) NOT NULL, + UM_ATTR_VALUE VARCHAR(1024), + UM_PROFILE_ID VARCHAR(255), + UM_USER_ID INTEGER, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_URI VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_CLAIM_URI VARCHAR(255) NOT NULL, + UM_DISPLAY_TAG VARCHAR(255), + UM_DESCRIPTION VARCHAR(255), + UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), + UM_MAPPED_ATTRIBUTE VARCHAR(255), + UM_REG_EX VARCHAR(255), + UM_SUPPORTED SMALLINT, + UM_REQUIRED SMALLINT, + UM_DISPLAY_ORDER INTEGER, + UM_CHECKED_ATTRIBUTE SMALLINT, + UM_READ_ONLY SMALLINT, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_PROFILE_NAME VARCHAR(255), + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PROFILE_ID INTEGER, + UM_CLAIM_ID INTEGER, + UM_BEHAVIOUR SMALLINT, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), + FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), + PRIMARY KEY(UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_DOMAIN_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID), + UNIQUE (UM_USER_ID), + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); diff --git a/simple/README.md b/simple/README.md deleted file mode 100644 index e8cd640d..00000000 --- a/simple/README.md +++ /dev/null @@ -1,51 +0,0 @@ -# Simplified setup for WSO2 Kubernetes API Manager - -![WSO2 API Manager Deployment](apim_simple.png) - -## Contents - -* [Prerequisites](#prerequisites) -* [Quick Start Guide](#quick-start-guide) - -## Prerequisites - -* Install [Kubernetes Client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) in order to run the steps provided in the following Quick Start Guide. - -* An already setup Kubernetes cluster. If you haven’t already setup a K8s cluster Refer [the guide](https://kubernetes.io/docs/setup/learning-environment/minikube/). - >This artifact doesn't support [Docker Desktop](https://www.docker.com/products/docker-desktop). - -* WSO2 subscribed users can run [wso2am-latest.sh](https://github.com/wso2/kubernetes-apim/blob/3.2.x/simple/deployment-scripts/wso2am-latest.sh) with the latest updates by providing their subscription Username and Password. If you do not possess an active WSO2 subscription already, run [wso2am-ga.sh](https://github.com/wso2/kubernetes-apim/blob/3.2.x/simple/deployment-scripts/wso2am-ga.sh) which does not require subscription credentials. -Further users can acquire a subscription by referring to this [link](https://wso2.com/subscription). - -*From this point forward the respective script (wso2am-ga.sh and wso2am-latest.sh) will be identified as SIMPLIFIED_SCRIPT* - -## Quick Start Guide - -1. Download(https://github.com/wso2/kubernetes-apim/tree/3.2.x/simple/deployment-scripts) simplified Kubernetes setup - (SIMPLIFIED_SCRIPT) for WSO2 API Manager. - -2. In the command line, move into the directory where you have downloaded the SIMPLIFIED_SCRIPT. - -3. Provide permissions for the setup file to execute by running - -``` -chmod +x SIMPLIFIED_SCRIPT -``` - -4. Run the following command on your terminal. This will deploy WSO2 API Manager in your cluster. - -``` -./SIMPLFIED_SCRIPT --deploy -``` - -5. Open a browser and go to -- https://:30443/carbon/ -- https://:30443/publisher/ -- https://:30443/devportal/ -- https://:30646/analytics-dashboard/ - -use username: admin and password: admin as default login credentials. - -*Your < NODE-IP > will be provided at the end of the deployment.* - -6. Try WSO2 API Manager by following **[WSO2 API Manager - Quick Start Guide](https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/)**. diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml b/simple/am-single/Chart.yaml similarity index 55% rename from advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml rename to simple/am-single/Chart.yaml index c2005137..a632a933 100644 --- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml +++ b/simple/am-single/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,16 +13,8 @@ # limitations under the License. apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-km-service -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-km - sessionAffinity: ClientIP - ports: - # ports that this service should serve on - - name: servlet-https - protocol: TCP - port: 9443 +appVersion: "4.0.0" +description: A Helm chart for the deployment of WSO2 API Manager Single Node. +name: am-single-node +version: 4.0.0-1 +icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/simple/am-single/README.md b/simple/am-single/README.md new file mode 100644 index 00000000..31c9cde5 --- /dev/null +++ b/simple/am-single/README.md @@ -0,0 +1,276 @@ +# Helm Chart for deployment of WSO2 API Manager + +Resources for building a Helm chart for deployment of [Single Node API Manager](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/single-node/all-in-one-deployment-overview/#single-node-deployment). + +![WSO2 API Manager Single Node deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/single-node-apim-deployment.png) + +For advanced details on the deployment pattern, please refer to the official +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/single-node/all-in-one-deployment-overview/#active-active-deployment). + +## Contents + +* [Prerequisites](#prerequisites) +* [Quick Start Guide](#quick-start-guide) +* [Configuration](#configuration) +* [Runtime Artifact Persistence and Sharing](#runtime-artifact-persistence-and-sharing) +* [Managing Java Keystores and Truststores](#managing-java-keystores-and-truststores) +* [Configuring SSL in Service Exposure](#configuring-ssl-in-service-exposure) + +## Prerequisites + +* WSO2 product Docker images used for the Kubernetes deployment. + + WSO2 product Docker images available at [DockerHub](https://hub.docker.com/u/wso2/) package General Availability (GA) + versions of WSO2 products with no [WSO2 Updates](https://wso2.com/updates). + + For a production grade deployment of the desired WSO2 product-version, it is highly recommended to use the relevant + Docker image which packages WSO2 Updates, available at [WSO2 Private Docker Registry](https://docker.wso2.com/). In order + to use these images, you need an active [WSO2 Subscription](https://wso2.com/subscription). +

+ +* Install [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git), [Helm](https://helm.sh/docs/intro/install/) + and [Kubernetes client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) in order to run the steps provided in the + following quick start guide.

+ +* An already setup [Kubernetes cluster](https://kubernetes.io/docs/setup).

+ +* Install [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/deploy/).

+ +* Add the WSO2 Helm chart repository. + + ``` + helm repo add wso2 https://helm.wso2.com && helm repo update + ``` + +## Quick Start Guide + +### 1. Install the Helm Chart + +You can install the relevant Helm chart either from [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) or by source. + +**Note:** + +* `NAMESPACE` should be the Kubernetes Namespace in which the resources are deployed. + +#### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) + + Helm version 2 + + ``` + helm install --name wso2/am-single-node --version 4.0.0-1 --namespace + ``` + + Helm version 3 + + - Deploy the Kubernetes resources using the Helm Chart + + ``` + helm install wso2/am-single-node --version 4.0.0-1 --namespace --create-namespace + ``` + +The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. + +If you are using WSO2 product Docker images available from WSO2 Private Docker Registry, +please provide your WSO2 Subscription credentials via input values (using `--set` argument). + +Please see the following example. + +``` + helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` + +#### Install Chart From Source + +>In the context of this document,
+>* `KUBERNETES_HOME` will refer to a local copy of the [`wso2/kubernetes-apim`](https://github.com/wso2/kubernetes-apim/) +Git repository.
+>* `HELM_HOME` will refer to `/simple`.
+ +##### Clone the Helm Resources for WSO2 API Manager Git repository. + +``` +git clone https://github.com/wso2/kubernetes-apim.git +``` + +##### Deploy Helm chart for WSO2 API Manager Single Node deployment. + + Helm version 2 + + ``` + helm install --dep-up --name /am-single --version 4.0.0-1 --namespace + ``` + + Helm version 3 + + - Deploy the Kubernetes resources using the Helm Chart + + ``` + helm install /am-single --version 4.0.0-1 --namespace --dependency-update --create-namespace + ``` + +The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. + +If you are using WSO2 product Docker images available from WSO2 Private Docker Registry, +please provide your WSO2 Subscription credentials via input values (using `--set` argument). + +Please see the following example. + +``` + helm install --name /am-single --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/4.0.0/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +Helm v2 + +``` +helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +Helm v3 + +``` +helm install wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. + +### 2. Obtain the external IP + +Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. + +``` +kubectl get ing -n +``` + +The output under the relevant column stands for the following. + +API Manager Publisher-DevPortal + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-ingress`) +- HOSTS: Hostname of the WSO2 API Manager service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager service + +API Manager Gateway + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-gateway-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Gateway service + +API Manager WebSub +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway (WebSub) service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Gateway (WebSub) service +### 3. Add a DNS record mapping the hostnames and the external IP + +If the defined hostnames (in the previous step) are backed by a DNS service, add a DNS record mapping the hostnames and +the external IP (`EXTERNAL-IP`) in the relevant DNS service. + +If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the +hostnames and the external IP in the `/etc/hosts` file at the client-side. + +``` + +``` + +### 4. Access Management Consoles + +- API Manager Publisher: `https:///publisher` + +- API Manager DevPortal: `https:///devportal` + +## Configuration + +The following tables lists the configurable parameters of the chart and their default values. + +###### WSO2 Subscription Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.subscription.username` | Your WSO2 Subscription username | - | +| `wso2.subscription.password` | Your WSO2 Subscription password | - | +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | + +If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. + +###### Chart Dependencies + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.dependencies.mysql` | Enable the deployment and usage of WSO2 API Management MySQL based Helm Chart | true | +| `wso2.deployment.dependencies.nfsProvisioner` | Enable the deployment and usage of NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) | true | + +###### Persistent Runtime Artifact Configurations + +| Parameter | Description | Default Value | +|---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | +| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | +| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | + +###### API Manager Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | +| `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | +| `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | +| `wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 180 | +| `wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | +| `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 2Gi | +| `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 3Gi | +| `wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 3000m | +| `wso2.deployment.am.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.am.ingress.management.hostname` | Hostname for API Manager Admin Portal, Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | +| `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | +| `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Gateway WebSub service | `gateway.am.wso2.com` | +| `wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Gateway WebSub | Community NGINX Ingress controller annotations | + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/install/installation-prerequisites/). + +## Kubernetes Specific Configurations + +| Parameter | Description | Default Value | +|---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| +| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-single-node-svc-account` | + +## Runtime Artifact Persistence and Sharing + +* It is **mandatory** to set an appropriate Kubernetes StorageClass in this deployment, for persistence and sharing. + +* By default, this deployment uses the `nfs` Kubernetes StorageClass created using the official, stable [NFS Server Provisioner](https://hub.helm.sh/charts/stable/nfs-server-provisioner). + +* Only persistent storage solutions supporting `ReadWriteMany` [access mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + are applicable for `wso2.deployment.persistentRuntimeArtifacts.storageClass`. + +* Please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/store/Persisting_And_Sharing.md#recommended-storage-options-for-wso2-products) + for advanced details with regards to WSO2 recommended, storage options. + +## Managing Java Keystores and Truststores + +* By default, this deployment uses the default keystores and truststores provided by the relevant WSO2 product. + +* For advanced details with regards to managing custom Java keystores and truststores in a container based WSO2 product deployment + please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/deploy/Managing_Keystores_And_Truststores.md). + +## Configuring SSL in Service Exposure + +* For WSO2 recommended best practices in configuring SSL when exposing the internal product services to outside of the Kubernetes cluster, + please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/route/Routing.md#configuring-ssl). diff --git a/simple/am-single/auth.json b/simple/am-single/auth.json new file mode 100644 index 00000000..453e366c --- /dev/null +++ b/simple/am-single/auth.json @@ -0,0 +1,10 @@ +{ + "auths": { + "reg.id": { + "username": "docker.wso2.com.username", + "password": "docker.wso2.com.password", + "email": "docker.wso2.com.email", + "auth": "docker.wso2.com.auth" + } + } +} \ No newline at end of file diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml b/simple/am-single/requirements.yaml similarity index 53% rename from advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml rename to simple/am-single/requirements.yaml index f9e7f4c2..074adea6 100644 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml +++ b/simple/am-single/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,17 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-km-service -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - sessionAffinity: ClientIP - ports: - # ports that this service should serve on - - name: servlet-https - protocol: TCP - port: 9443 +dependencies: + - name: mysql-am + version: "4.0.0-1" + repository: "https://helm.wso2.com" + condition: wso2.deployment.dependencies.mysql + - name: nfs-server-provisioner + version: "1.1.0" + repository: "https://helm.wso2.com" + condition: wso2.deployment.dependencies.nfsServerProvisioner diff --git a/simple/am-single/templates/NOTES.txt b/simple/am-single/templates/NOTES.txt new file mode 100644 index 00000000..63bb20c5 --- /dev/null +++ b/simple/am-single/templates/NOTES.txt @@ -0,0 +1,41 @@ +Thank you for installing WSO2 API Manager. + +Please follow these steps to access API Manager Publisher, DevPortal consoles. + +1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + The output under the relevant column stands for the following. + + API Manager Publisher-DevPortal + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-single-node.resource.prefix" . }}-am-ingress) + - HOSTS: Hostname of the WSO2 API Manager service ({{ .Values.wso2.deployment.am.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the API Manager service + + API Manager Gateway + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-single-node.resource.prefix" . }}-am-gateway-ingress) + - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ .Values.wso2.deployment.am.ingress.gateway.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the API Manager' Gateway service + + +2. Add a DNS record mapping the hostnames (in step 1) and the external IP. + + If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and + the external IP (`EXTERNAL-IP`) in the relevant DNS service. + + If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the + hostnames and the external IP in the `/etc/hosts` file at the client-side. + + {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} + +3. Navigate to the consoles in your browser of choice. + + API Manager Publisher: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/publisher + API Manager DevPortal: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal + +Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/simple/am-single/templates/_helpers.tpl b/simple/am-single/templates/_helpers.tpl new file mode 100644 index 00000000..6911c4c7 --- /dev/null +++ b/simple/am-single/templates/_helpers.tpl @@ -0,0 +1,82 @@ +{{/* +Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at +http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "am-single-node.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "am-single-node.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "am-single-node.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "am-single-node.labels" -}} +app.kubernetes.io/name: {{ include "am-single-node.name" . }} +helm.sh/chart: {{ include "am-single-node.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Common prefix prepended to Kubernetes resources of this chart +*/}} +{{- define "am-single-node.resource.prefix" -}} +{{- "wso2am-single-node" }} +{{- end -}} + +{{- define "image" }} +{{- $imageName := .deployment.imageName }} +{{- $imageTag := .deployment.imageTag | default "" }} +{{- if or (eq .Values.wso2.subscription.username "") (eq .Values.wso2.subscription.password "") -}} +{{- $dockerRegistry := .deployment.dockerRegistry | default "wso2" }} +image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- printf ":%s" $imageTag -}}{{- end }} +{{- else }} +{{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} +{{- $parts := len (split "." $imageTag) }} +{{- if eq $parts 3 }} +image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} +{{- else }} +image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml b/simple/am-single/templates/am/instance/wso2am-deployment.yaml similarity index 64% rename from advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml rename to simple/am-single/templates/am/instance/wso2am-deployment.yaml index 131e24cd..dc04dd99 100644 --- a/advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml +++ b/simple/am-single/templates/am/instance/wso2am-deployment.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-deployment + name: {{ template "am-single-node.resource.prefix" . }}-am-deployment namespace: {{ .Release.Namespace }} spec: replicas: 1 @@ -23,19 +23,21 @@ spec: type: Recreate selector: matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal + deployment: {{ template "am-single-node.resource.prefix" . }}-am + node: {{ template "am-single-node.resource.prefix" . }}-am template: metadata: annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml") . | sha256sum }} + checksum.am.conf: {{ include (print $.Template.BasePath "/am/instance/wso2am-single-node-am-conf.yaml") . | sha256sum }} labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal + deployment: {{ template "am-single-node.resource.prefix" . }}-am + node: {{ template "am-single-node.resource.prefix" . }}-am spec: initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db + {{ if .Values.wso2.deployment.dependencies.mysql }} + - name: init-mysql-db image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] + command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - name: init-mysql-connector-download image: busybox:1.32 command: @@ -48,15 +50,9 @@ spec: volumeMounts: - name: mysql-connector-jar mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] + {{ end }} containers: - - name: wso2am-devportal + - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} livenessProbe: @@ -78,7 +74,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -86,31 +82,39 @@ spec: limits: memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} + securityContext: + runAsUser: 802 ports: + - containerPort: 8280 + protocol: "TCP" + - containerPort: 8243 + protocol: "TCP" - containerPort: 9763 protocol: "TCP" - containerPort: 9443 protocol: "TCP" + - containerPort: 9711 + protocol: "TCP" + - containerPort: 9611 + protocol: "TCP" + - containerPort: 5672 + protocol: "TCP" env: - - name: PROFILE_NAME - value: api-devportal - name: NODE_IP valueFrom: fieldRef: fieldPath: status.podIP - name: JVM_MEM_OPTS value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 volumeMounts: - - name: wso2am-devportal-conf + - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-local-carbon-database-storage + - name: wso2am-local-carbon-database-storage mountPath: /home/wso2carbon/solr/database - - name: wso2am-devportal-indexed-data-volume + - name: wso2am-solr-indexed-data-storage mountPath: /home/wso2carbon/solr/indexed-data - - name: wso2am-devportal-conf-entrypoint + - name: wso2am-conf-entrypoint mountPath: /home/wso2carbon/docker-entrypoint.sh subPath: docker-entrypoint.sh {{ end }} @@ -124,23 +128,23 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} + - name: {{ template "am-single-node.resource.prefix" . }}-wso2-private-registry-creds + {{ end }} volumes: - - name: wso2am-devportal-conf + - name: wso2am-conf configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf + name: {{ template "am-single-node.resource.prefix" . }}-am-conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint - defaultMode: 0407 - - name: wso2am-devportal-local-carbon-database-storage + - name: wso2am-local-carbon-database-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-local-carbon-database-volume-claim - - name: wso2am-devportal-indexed-data-volume + claimName: {{ template "am-single-node.resource.prefix" . }}-am-local-carbon-database-volume-claim + - name: wso2am-solr-indexed-data-storage persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-solr-indexed-data-volume-claim + claimName: {{ template "am-single-node.resource.prefix" . }}-am-solr-indexed-data-volume-claim + - name: wso2am-conf-entrypoint + configMap: + name: {{ template "am-single-node.resource.prefix" . }}-am-conf-entrypoint + defaultMode: 0407 {{ end }} {{ if .Values.wso2.deployment.dependencies.mysql }} - name: mysql-connector-jar diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml b/simple/am-single/templates/am/instance/wso2am-service.yaml similarity index 62% rename from advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml rename to simple/am-single/templates/am/instance/wso2am-service.yaml index 1eb4743d..51f75462 100644 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml +++ b/simple/am-single/templates/am/instance/wso2am-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,15 +15,21 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-service + name: {{ template "am-single-node.resource.prefix" . }}-am-service namespace : {{ .Release.Namespace }} spec: # label keys and values that must match in order to receive traffic for this service selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 + deployment: {{ template "am-single-node.resource.prefix" . }}-am + node: {{ template "am-single-node.resource.prefix" . }}-am ports: # ports that this service should serve on + - name: pass-through-http + protocol: TCP + port: 8280 + - name: pass-through-https + protocol: TCP + port: 8243 - name: binary protocol: TCP port: 9611 @@ -33,3 +39,12 @@ spec: - name: jms-tcp protocol: TCP port: 5672 + - name: servlet-https + protocol: TCP + port: 9443 + - name: websub-http + protocol: TCP + port: 9021 + - name: websub-https + protocol: TCP + port: 8021 diff --git a/simple/kubernetes-apim/wso2apim-conf.yaml b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml similarity index 73% rename from simple/kubernetes-apim/wso2apim-conf.yaml rename to simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml index d9d38bfe..50dedcda 100644 --- a/simple/kubernetes-apim/wso2apim-conf.yaml +++ b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml @@ -1,17 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. apiVersion: v1 kind: ConfigMap metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 + name: {{ template "am-single-node.resource.prefix" . }}-am-conf + namespace : {{ .Release.Namespace }} + {{ if .Values.wso2.deployment.am.config }} data: - deployment.toml: | + {{- range $index, $content := .Values.wso2.deployment.am.config }} + {{ $index }}: |- + {{ tpl $content $ | indent 4 }} + {{- end }} + {{ else }} +data: + deployment.toml: |- [server] - hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha + hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}" + #offset=0 base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -26,14 +44,14 @@ data: [database.apim_db] type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" + url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" username = "wso2carbon" password = "wso2carbon" driver = "com.mysql.cj.jdbc.Driver" [database.shared_db] type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" + url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" username = "wso2carbon" password = "wso2carbon" driver = "com.mysql.cj.jdbc.Driver" @@ -60,7 +78,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -68,10 +86,15 @@ data: service_url = "https://localhost:${mgt.transport.https.port}/services/" username= "${admin.username}" password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" + ws_endpoint = "ws://localhost:9099" + wss_endpoint = "wss://localhost:8099" + http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true @@ -100,25 +123,18 @@ data: #[apim.cache.tags] #expiry_time = "2m" - + + {{ if .Values.wso2.choreoAnalytics.enabled }} [apim.analytics] enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -155,7 +171,7 @@ data: #enable_token_hashing = false [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" + url = "https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal" #enable_application_sharing = false #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api @@ -166,11 +182,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false #[apim.throttling] @@ -256,9 +274,6 @@ data: [service_provider] sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - [[event_listener]] id = "token_revocation" type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" @@ -271,5 +286,17 @@ data: 'header.X-WSO2-KEY-MANAGER' = "default" [transport.https.properties] - proxyPort = 30443 ---- + proxyPort = 443 + + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} + [database.local] + url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + + [indexing] + location = "/home/wso2carbon/solr/indexed-data" + {{ else }} + [database.local] + url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + {{ end }} + + {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml b/simple/am-single/templates/am/wso2am-conf-entrypoint.yaml similarity index 68% rename from advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml rename to simple/am-single/templates/am/wso2am-conf-entrypoint.yaml index d75257e1..2f7379bd 100644 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml +++ b/simple/am-single/templates/am/wso2am-conf-entrypoint.yaml @@ -1,6 +1,6 @@ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint + name: {{ template "am-single-node.resource.prefix" . }}-am-conf-entrypoint namespace: {{ .Release.Namespace }} data: docker-entrypoint.sh: | @@ -38,24 +38,6 @@ data: # check if the WSO2 product home exists test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - # Copying carbon_db if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db then @@ -80,10 +62,10 @@ data: if [[ -z "${PROFILE_NAME}" ]] then # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@" else # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@" fi {{ end }} diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml b/simple/am-single/templates/am/wso2am-gateway-ingress.yaml similarity index 61% rename from advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml rename to simple/am-single/templates/am/wso2am-gateway-ingress.yaml index 01c349b9..571d0aab 100644 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml +++ b/simple/am-single/templates/am/wso2am-gateway-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021 WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-ingress + name: {{ template "am-single-node.resource.prefix" . }}-am-gateway-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.gateway.ingress.annotations }} +{{- if .Values.wso2.deployment.am.ingress.gateway.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.am.gateway.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.am.ingress.gateway.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} + - {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} rules: - - host: {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} + - host: {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service + serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service servicePort: 8243 diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml b/simple/am-single/templates/am/wso2am-ingress.yaml similarity index 55% rename from advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml rename to simple/am-single/templates/am/wso2am-ingress.yaml index 85df644f..31a81819 100644 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml +++ b/simple/am-single/templates/am/wso2am-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-ingress + name: {{ template "am-single-node.resource.prefix" . }}-am-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.publisher.ingress.annotations }} +{{- if .Values.wso2.deployment.am.ingress.management.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.am.publisher.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.am.ingress.management.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.am.publisher.ingress.hostname }} + - {{ .Values.wso2.deployment.am.ingress.management.hostname }} rules: - - host: {{ .Values.wso2.deployment.am.publisher.ingress.hostname }} + - host: {{ .Values.wso2.deployment.am.ingress.management.hostname }} http: paths: - - path: / - backend: - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service - servicePort: 9443 + - path: / + backend: + serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service + servicePort: 9443 \ No newline at end of file diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml b/simple/am-single/templates/am/wso2am-volume-claims.yaml similarity index 56% rename from advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml rename to simple/am-single/templates/am/wso2am-volume-claims.yaml index 074e6d7a..77054ad4 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml +++ b/simple/am-single/templates/am/wso2am-volume-claims.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,12 +15,29 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim + name: {{ template "am-single-node.resource.prefix" . }}-am-local-carbon-database-volume-claim namespace : {{ .Release.Namespace }} spec: accessModes: - ReadWriteMany resources: requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }} + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "am-single-node.resource.prefix" . }}-am-solr-indexed-data-volume-claim + namespace : {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} + storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + +--- diff --git a/simple/am-single/templates/am/wso2am-websub-ingress.yaml b/simple/am-single/templates/am/wso2am-websub-ingress.yaml new file mode 100644 index 00000000..9454fd09 --- /dev/null +++ b/simple/am-single/templates/am/wso2am-websub-ingress.yaml @@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-single-node.resource.prefix" . }}-am-websub-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.am.ingress.websub.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.am.ingress.websub.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.am.ingress.websub.hostname }} + rules: + - host: {{ .Values.wso2.deployment.am.ingress.websub.hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service + servicePort: 8021 diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml b/simple/am-single/templates/wso2am-secrets.yaml similarity index 90% rename from advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml rename to simple/am-single/templates/wso2am-secrets.yaml index db337c3f..181bbdff 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml +++ b/simple/am-single/templates/wso2am-secrets.yaml @@ -1,5 +1,5 @@ {{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} -# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + name: {{ template "am-single-node.resource.prefix" . }}-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml b/simple/am-single/templates/wso2am-service-account.yaml similarity index 86% rename from advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml rename to simple/am-single/templates/wso2am-service-account.yaml index ab2a50fa..d91c4a4f 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml +++ b/simple/am-single/templates/wso2am-service-account.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,4 +16,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ .Values.kubernetes.serviceAccount }} - namespace : {{ .Values.namespace }} + namespace : {{ .Release.Namespace }} diff --git a/simple/am-single/values.yaml b/simple/am-single/values.yaml new file mode 100644 index 00000000..eca5cc3f --- /dev/null +++ b/simple/am-single/values.yaml @@ -0,0 +1,141 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +wso2: + # WSO2 Subscription parameters (https://wso2.com/subscription/) + # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) + # for this deployment + subscription: + username: "" + password: "" + + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + + deployment: + dependencies: + # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster + mysql: true + # Enable NFS dynamic provisioner for Kubernetes + nfsServerProvisioner: true + + # Persisted and shared runtime artifacts for API Manager + # See official documentation (from https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) + persistentRuntimeArtifacts: + # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes + # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) + storageClass: &storage_class "nfs" + + # Persistent runtime artifacts for Apache Solr-based indexing + apacheSolrIndexing: + # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled + # By default, this is disabled + enabled: false + # Define capacities for persistent runtime artifact directories + capacity: + # For persisting the H2 based local Carbon database file + carbonDatabase: 50M + # For persisting the indexed data + solrIndexedData: 50M + + am: + # Container image configurations + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + # dockerRegistry: "" + imageName: "wso2am" + imageTag: "4.0.0" + # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) + imagePullPolicy: Always + + # Indicates whether the container is running + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + # Indicates whether the container is ready to service requests + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + + resources: + # These are the minimum resource recommendations for running WSO2 API Management product profiles + # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) + requests: + memory: "2Gi" + cpu: "2000m" + limits: + memory: "3Gi" + cpu: "3000m" + # JVM settings + # These are the resource allocation configurations associated with the JVM + # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) + jvm: + # Resource allocation for the Java Heap + heap: + memory: + # Initial and minimum Heap size + xms: "1024m" + # Maximum Heap size + xmx: "1024m" + + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), + # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) +# config: "" +# deployment.toml: |- +# # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) + + # Configure Ingresses + ingress: + management: + # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal + hostname: "am.wso2.com" + # Annotations for the API Manager Publisher-DevPortal services Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/session-cookie-name: "route" + nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" + gateway: + # Hostname for Gateway profile + hostname: "gateway.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + +kubernetes: + # Name of Kubernetes service account + serviceAccount: "wso2am-single-node-svc-account" + +# Override sub chart parameters +mysql-am: + mysql: + persistence: + storageClass: *storage_class diff --git a/simple/apim_simple.png b/simple/apim_simple.png deleted file mode 100644 index bbe30a41..00000000 Binary files a/simple/apim_simple.png and /dev/null differ diff --git a/simple/create.sh b/simple/create.sh deleted file mode 100755 index 83a3d1d0..00000000 --- a/simple/create.sh +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/bash - -IS_OPEN_SOURCE=FALSE - -if $IS_OPEN_SOURCE; then - SCRIPT="deployment-scripts/wso2am-ga.sh" -else - SCRIPT="deployment-scripts/wso2am-latest.sh" -fi - -cat > $SCRIPT << "EOF" -#!/bin/bash - -#------------------------------------------------------------------------------- -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#-------------------------------------------------------------------------------- - -set -e - -EOF - -cat >> $SCRIPT << "EOF" -# bash variables -k8s_obj_file="deployment.yaml"; str_sec="" - -# wso2 subscription variables -WUMUsername=''; WUMPassword='' -EOF - -if $IS_OPEN_SOURCE; then - echo 'IMG_DEST="wso2"' >> $SCRIPT -else - echo 'IMG_DEST="docker.wso2.com"' >> $SCRIPT -fi - -cat >> $SCRIPT << "EOF" - -: ${namespace:="wso2"} - -EOF - -echo "function create_yaml(){" >> $SCRIPT -echo 'cat > $k8s_obj_file << "EOF"' >> $SCRIPT -echo 'EOF' >> $SCRIPT -echo 'if [ "$namespace" == "wso2" ]; then' >> $SCRIPT -echo 'cat > $k8s_obj_file << "EOF"' >> $SCRIPT -cat kubernetes-basics/namespace.yaml >> $SCRIPT -echo -e "EOF\nfi" >> $SCRIPT - -echo 'cat >> $k8s_obj_file << "EOF"' >> $SCRIPT -cat kubernetes-basics/svcaccount.yaml >> $SCRIPT -if ! $IS_OPEN_SOURCE; then - cat kubernetes-basics/secrets.yaml >> $SCRIPT -fi -cat kubernetes-apim-mysql/wso2apim-mysql-conf.yaml >> $SCRIPT -cat kubernetes-apim-mysql/wso2apim-mysql-service.yaml >> $SCRIPT -cat kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml >> $SCRIPT -cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml>> $SCRIPT -cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml >> $SCRIPT -cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml >> $SCRIPT -cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml >> $SCRIPT -cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml >> $SCRIPT -cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-conf.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-service.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-deployment.yaml >> $SCRIPT - -echo -e "EOF\n}\n" >> $SCRIPT - -if $IS_OPEN_SOURCE; then - cat funcs4opensource >> $SCRIPT -else - cat funcs >> $SCRIPT -fi - -cat >> $SCRIPT << "EOF" -arg=$1 -if [[ -z $arg ]]; then - echoBold "Expected parameter is missing\n" - usage -else - case $arg in - -d|--deploy) - deploy - ;; - -u|--undeploy) - undeploy - ;; - -h|--help) - usage - ;; - *) - echoBold "Invalid parameter : $arg\n" - usage - ;; - esac -fi -EOF diff --git a/simple/deployment-scripts/wso2am-ga.sh b/simple/deployment-scripts/wso2am-ga.sh deleted file mode 100644 index 6463d3a0..00000000 --- a/simple/deployment-scripts/wso2am-ga.sh +++ /dev/null @@ -1,4518 +0,0 @@ -#!/bin/bash - -#------------------------------------------------------------------------------- -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#-------------------------------------------------------------------------------- - -set -e - -# bash variables -k8s_obj_file="deployment.yaml"; str_sec="" - -# wso2 subscription variables -WUMUsername=''; WUMPassword='' -IMG_DEST="wso2" - -: ${namespace:="wso2"} - -function create_yaml(){ -cat > $k8s_obj_file << "EOF" -EOF -if [ "$namespace" == "wso2" ]; then -cat > $k8s_obj_file << "EOF" - -apiVersion: v1 -kind: Namespace -metadata: - name: wso2 ---- -EOF -fi -cat >> $k8s_obj_file << "EOF" - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: wso2am-pattern-1-svc-account - namespace: wso2 ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2apim-mysql-dbscripts - namespace: wso2 -data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); - mysql_apim.sql: |- - DROP DATABASE IF EXISTS WSO2AM_DB; - CREATE DATABASE WSO2AM_DB; - GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_DB; - -- Start of IDENTITY Tables-- - CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) - )ENGINE INNODB; - - INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL - ); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - - - - CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - - CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) - )ENGINE INNODB; - - ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - - ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; - - -- --------------------------- INDEX CREATION ----------------------------- - -- IDN_OAUTH2_ACCESS_TOKEN -- - CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); - CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); - CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); - CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); - CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); - CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - - -- IDN_OAUTH2_AUTHORIZATION_CODE -- - CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); - CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); - CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); - CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); - - -- IDN_SCIM_GROUP -- - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500)); - - -- IDN_AUTH_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); - - -- IDN_AUTH_TEMP_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - - -- IDN_OIDC_SCOPE_CLAIM_MAPPING -- - CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - - -- IDN_OAUTH2_SCOPE -- - CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - - -- IDN_OAUTH2_SCOPE_BINDING -- - CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - - -- IDN_OIDC_REQ_OBJECT_REFERENCE -- - CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - - -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- - CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - - -- SP_TEMPLATE -- - CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - - -- IDN_AUTH_USER -- - CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); - CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - - -- IDN_AUTH_USER_SESSION_MAPPING -- - CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); - CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - - -- IDN_OAUTH_CONSUMER_APPS -- - CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - - -- IDX_SPI_APP -- - CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - - -- IDN_OIDC_PROPERTY -- - CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); - - -- IDN_FIDO2_PROPERTY -- - CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - - -- IDN_ASSOCIATED_ID -- - CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - - -- IDN_OAUTH2_TOKEN_BINDING -- - CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); - - -- IDN_FED_AUTH_SESSION_MAPPING -- - CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - - -- End of IDENTITY Tables-- - - -- Start of CONSENT-MGT Tables -- - - CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) - ); - - CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) - ); - - CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) - ); - - CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) - ); - - ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, - COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, - API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. - - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - image: mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha - base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Production and Sandbox" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both production and sandbox token traffic." - show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - #[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = "0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - #enable_persistent_notifier = true - #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- -EOF -} - -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - echo "We could not find your cluster node-ip." - while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. - time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt 250 ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! $cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - # get node-ip - get_node_ip - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" -} -arg=$1 -if [[ -z $arg ]]; then - echoBold "Expected parameter is missing\n" - usage -else - case $arg in - -d|--deploy) - deploy - ;; - -u|--undeploy) - undeploy - ;; - -h|--help) - usage - ;; - *) - echoBold "Invalid parameter : $arg\n" - usage - ;; - esac -fi diff --git a/simple/deployment-scripts/wso2am-latest.sh b/simple/deployment-scripts/wso2am-latest.sh deleted file mode 100755 index 8673c8b3..00000000 --- a/simple/deployment-scripts/wso2am-latest.sh +++ /dev/null @@ -1,4571 +0,0 @@ -#!/bin/bash - -#------------------------------------------------------------------------------- -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#-------------------------------------------------------------------------------- - -set -e - -# bash variables -k8s_obj_file="deployment.yaml"; str_sec="" - -# wso2 subscription variables -WUMUsername=''; WUMPassword='' -IMG_DEST="docker.wso2.com" - -: ${namespace:="wso2"} - -function create_yaml(){ -cat > $k8s_obj_file << "EOF" -EOF -if [ "$namespace" == "wso2" ]; then -cat > $k8s_obj_file << "EOF" - -apiVersion: v1 -kind: Namespace -metadata: - name: wso2 ---- -EOF -fi -cat >> $k8s_obj_file << "EOF" - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: wso2am-pattern-1-svc-account - namespace: wso2 ---- - -apiVersion: v1 -kind: Secret -metadata: - name: wso2am-pattern-1-creds - namespace: wso2 -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: "k8s.apim.&.auth.wso2" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2apim-mysql-dbscripts - namespace: wso2 -data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); - mysql_apim.sql: |- - DROP DATABASE IF EXISTS WSO2AM_DB; - CREATE DATABASE WSO2AM_DB; - GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_DB; - -- Start of IDENTITY Tables-- - CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) - )ENGINE INNODB; - - INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL - ); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - - - - CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - - CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) - )ENGINE INNODB; - - ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - - ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; - - -- --------------------------- INDEX CREATION ----------------------------- - -- IDN_OAUTH2_ACCESS_TOKEN -- - CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); - CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); - CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); - CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); - CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); - CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - - -- IDN_OAUTH2_AUTHORIZATION_CODE -- - CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); - CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); - CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); - CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); - - -- IDN_SCIM_GROUP -- - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500)); - - -- IDN_AUTH_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); - - -- IDN_AUTH_TEMP_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - - -- IDN_OIDC_SCOPE_CLAIM_MAPPING -- - CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - - -- IDN_OAUTH2_SCOPE -- - CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - - -- IDN_OAUTH2_SCOPE_BINDING -- - CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - - -- IDN_OIDC_REQ_OBJECT_REFERENCE -- - CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - - -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- - CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - - -- SP_TEMPLATE -- - CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - - -- IDN_AUTH_USER -- - CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); - CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - - -- IDN_AUTH_USER_SESSION_MAPPING -- - CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); - CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - - -- IDN_OAUTH_CONSUMER_APPS -- - CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - - -- IDX_SPI_APP -- - CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - - -- IDN_OIDC_PROPERTY -- - CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); - - -- IDN_FIDO2_PROPERTY -- - CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - - -- IDN_ASSOCIATED_ID -- - CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - - -- IDN_OAUTH2_TOKEN_BINDING -- - CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); - - -- IDN_FED_AUTH_SESSION_MAPPING -- - CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - - -- End of IDENTITY Tables-- - - -- Start of CONSENT-MGT Tables -- - - CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) - ); - - CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) - ); - - CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) - ); - - CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) - ); - - ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, - COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, - API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. - - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - image: mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha - base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Production and Sandbox" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both production and sandbox token traffic." - show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - #[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = "0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - #enable_persistent_notifier = true - #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- -EOF -} - -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function get_creds(){ - while [[ -z "$WUMUsername" ]] - do - read -p "$(echoBold "Enter your WSO2 subscription username: ")" WUMUsername - if [[ -z "$WUMUsername" ]] - then - echo "wso2-subscription-username cannot be empty" - fi - done - - while [[ -z "$WUMPassword" ]] - do - read -sp "$(echoBold "Enter your WSO2 subscription password: ")" WUMPassword - echo "" - if [[ -z "$WUMPassword" ]] - then - echo "wso2-subscription-password cannot be empty" - fi - done -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - else - echo "We could not find your cluster node-ip." - while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. - time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt $time_limit ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - if [[ ! $(which base64) ]] - then - display_msg "Please install base64 before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! $cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - get_creds #get credentials for - - # get node-ip - get_node_ip - - # create and encode username/password pair - auth="$WUMUsername:$WUMPassword" - authb64=`echo -n $auth | base64` - - # create authorisation code - authstring='{"auths":{"docker.wso2.com":{"username":"'${WUMUsername}'","password":"'${WUMPassword}'","email":"'${WUMUsername}'","auth":"'${authb64}'"}}}' - - # encode in base64 - secdata=`echo -n $authstring | base64` - - for i in $secdata; do - str_sec=$str_sec$i - done - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"k8s.apim.&.auth.wso2"/'$str_sec'/g' $k8s_obj_file - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" -} -arg=$1 -if [[ -z $arg ]]; then - echoBold "Expected parameter is missing\n" - usage -else - case $arg in - -d|--deploy) - deploy - ;; - -u|--undeploy) - undeploy - ;; - -h|--help) - usage - ;; - *) - echoBold "Invalid parameter : $arg\n" - usage - ;; - esac -fi diff --git a/simple/funcs b/simple/funcs deleted file mode 100644 index cb3aec38..00000000 --- a/simple/funcs +++ /dev/null @@ -1,294 +0,0 @@ -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function get_creds(){ - while [[ -z "$WUMUsername" ]] - do - read -p "$(echoBold "Enter your WSO2 subscription username: ")" WUMUsername - if [[ -z "$WUMUsername" ]] - then - echo "wso2-subscription-username cannot be empty" - fi - done - - while [[ -z "$WUMPassword" ]] - do - read -sp "$(echoBold "Enter your WSO2 subscription password: ")" WUMPassword - echo "" - if [[ -z "$WUMPassword" ]] - then - echo "wso2-subscription-password cannot be empty" - fi - done -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - echo "We could not find your cluster node-ip." - while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. - time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt $time_limit ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - if [[ ! $(which base64) ]] - then - display_msg "Please install base64 before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! $cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - get_creds #get credentials for - - # get node-ip - get_node_ip - - # create and encode username/password pair - auth="$WUMUsername:$WUMPassword" - authb64=`echo -n $auth | base64` - - # create authorisation code - authstring='{"auths":{"docker.wso2.com":{"username":"'${WUMUsername}'","password":"'${WUMPassword}'","email":"'${WUMUsername}'","auth":"'${authb64}'"}}}' - - # encode in base64 - secdata=`echo -n $authstring | base64` - - for i in $secdata; do - str_sec=$str_sec$i - done - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"k8s.apim.&.auth.wso2"/'$str_sec'/g' $k8s_obj_file - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" -} diff --git a/simple/funcs4opensource b/simple/funcs4opensource deleted file mode 100644 index 50f6dc4a..00000000 --- a/simple/funcs4opensource +++ /dev/null @@ -1,252 +0,0 @@ -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - echo "We could not find your cluster node-ip." - while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. - time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt 250 ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! $cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - # get node-ip - get_node_ip - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" -} diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml deleted file mode 100644 index ddcb0035..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml +++ /dev/null @@ -1,407 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml deleted file mode 100644 index 1ac4054c..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml +++ /dev/null @@ -1,91 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml deleted file mode 100644 index 7cab5057..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml +++ /dev/null @@ -1,21 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml deleted file mode 100644 index 51f84f95..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml +++ /dev/null @@ -1,543 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. - scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml deleted file mode 100644 index 50e9e387..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml +++ /dev/null @@ -1,109 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml deleted file mode 100644 index a357c703..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml deleted file mode 100644 index bafa1d65..00000000 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml +++ /dev/null @@ -1,2480 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2apim-mysql-dbscripts - namespace: wso2 -data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); - mysql_apim.sql: |- - DROP DATABASE IF EXISTS WSO2AM_DB; - CREATE DATABASE WSO2AM_DB; - GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_DB; - -- Start of IDENTITY Tables-- - CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) - )ENGINE INNODB; - - INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL - ); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - - - - CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - - CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) - )ENGINE INNODB; - - ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - - ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; - - -- --------------------------- INDEX CREATION ----------------------------- - -- IDN_OAUTH2_ACCESS_TOKEN -- - CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); - CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); - CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); - CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); - CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); - CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - - -- IDN_OAUTH2_AUTHORIZATION_CODE -- - CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); - CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); - CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); - CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); - - -- IDN_SCIM_GROUP -- - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500)); - - -- IDN_AUTH_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); - - -- IDN_AUTH_TEMP_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - - -- IDN_OIDC_SCOPE_CLAIM_MAPPING -- - CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - - -- IDN_OAUTH2_SCOPE -- - CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - - -- IDN_OAUTH2_SCOPE_BINDING -- - CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - - -- IDN_OIDC_REQ_OBJECT_REFERENCE -- - CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - - -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- - CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - - -- SP_TEMPLATE -- - CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - - -- IDN_AUTH_USER -- - CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); - CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - - -- IDN_AUTH_USER_SESSION_MAPPING -- - CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); - CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - - -- IDN_OAUTH_CONSUMER_APPS -- - CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - - -- IDX_SPI_APP -- - CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - - -- IDN_OIDC_PROPERTY -- - CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); - - -- IDN_FIDO2_PROPERTY -- - CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - - -- IDN_ASSOCIATED_ID -- - CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - - -- IDN_OAUTH2_TOKEN_BINDING -- - CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); - - -- IDN_FED_AUTH_SESSION_MAPPING -- - CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - - -- End of IDENTITY Tables-- - - -- Start of CONSENT-MGT Tables -- - - CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) - ); - - CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) - ); - - CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) - ); - - CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) - ); - - ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, - COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, - API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. - - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml deleted file mode 100644 index da44f322..00000000 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - image: mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml deleted file mode 100644 index 87d4e574..00000000 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- diff --git a/simple/kubernetes-apim/wso2apim-deployment.yaml b/simple/kubernetes-apim/wso2apim-deployment.yaml deleted file mode 100644 index c1208786..00000000 --- a/simple/kubernetes-apim/wso2apim-deployment.yaml +++ /dev/null @@ -1,112 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim/wso2apim-service.yaml b/simple/kubernetes-apim/wso2apim-service.yaml deleted file mode 100644 index 1883aa05..00000000 --- a/simple/kubernetes-apim/wso2apim-service.yaml +++ /dev/null @@ -1,39 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- diff --git a/simple/kubernetes-basics/namespace.yaml b/simple/kubernetes-basics/namespace.yaml deleted file mode 100644 index 4fbbbc50..00000000 --- a/simple/kubernetes-basics/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ - -apiVersion: v1 -kind: Namespace -metadata: - name: wso2 ---- diff --git a/simple/kubernetes-basics/secrets.yaml b/simple/kubernetes-basics/secrets.yaml deleted file mode 100644 index 3a46929e..00000000 --- a/simple/kubernetes-basics/secrets.yaml +++ /dev/null @@ -1,10 +0,0 @@ - -apiVersion: v1 -kind: Secret -metadata: - name: wso2am-pattern-1-creds - namespace: wso2 -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: "k8s.apim.&.auth.wso2" ---- diff --git a/simple/kubernetes-basics/svcaccount.yaml b/simple/kubernetes-basics/svcaccount.yaml deleted file mode 100644 index 0afeee3c..00000000 --- a/simple/kubernetes-basics/svcaccount.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: wso2am-pattern-1-svc-account - namespace: wso2 ----