Runtime Service Configuration
    • 24 Nov 2024
    • 2 Minutes to read
    • Dark
      Light
    • PDF

    Runtime Service Configuration

    • Dark
      Light
    • PDF

    Article summary

    About Runtime Service Configuration

    The PlainID PDP (Runtime service) has a large configuration file that enables fine-tuning and control over various service parameters. While service parameter default values typically suffice, certain scenarios may require adjustments to optimize the PDP's behavior for your organization's specific needs.

    Although you can directly edit the JSON configuration file in a Standalone PAA deployment or inject a full configuration map in a Kubernetes (K8s) PAA deployment, maintaining updated keys is simpler using Environment Variables. The Runtime service supports a naming convention for ENV_VARs that allows you to adjust any configuration key as needed in the Runtime extraEnv section in the values.yaml. Ensure that you add the values you want to adjust in the custom-values.yaml.

    Environment Variables following the naming convention outlined below automatically load and override the default values of configuration keys.

    Environment Variables Naming Convention

    Environment Variable Prefix

    All Runtime configuration keys begin with the predefined prefix RTCONF_

    Hierarchy Naming Syntax

    After the prefix, the Environment Variable name reflects the hierarchical structure of the configuration file, using a double underscore (__) as a separator between hierarchy levels.
    This same double underscore (__) is also used to denote array indices for configuration keys that are defined as arrays.

    Note: A single underscore(_) is used as a word separator within the ENV_VAR name.

    Examples

    The following table demonstrates the naming convention and hierarchical structure for ENV_VARs.

    Config KeyThe config key full JSON PathENV_VAR
    refreshAssetTemplates (root)$.refreshAssetTemplatesRTCONF_REFRESH_ASSET_TEMPLATES
    isSysLogEnable (audit)$.audit.isSysLogEnableRTCONF_AUDIT__IS_SYSLOG_ENABLE
    isHttps (ssl)$.ssl.isHttpsRTCONF_SSL__IS_HTTPS
    type (asset provider)$.assetProvider.connection.typeRTCONF_ASSET_PROVIDER__0__CONNECTION__TYPE

    Logging

    Loading Environment Variables and overriding configuration keys are logged in the Runtime service logs to facilitate troubleshooting.
    Any configuration key replaced by a value defined with an Environment Variable according to this hierarchical structure is logged at the Info level with message in this structure: config.json key <key-name> was overridden by <env-var-name> environment variable.
    Additional logging may also be present in cases of error handling and validation of the Environment Variables naming syntax.

    List of Runtime Configuration Keys

    The table below highlights common Runtime service configuration keys that are relevant for fine-tuning. For additional guidance on configuration, consult the PlainID Professional Services team.

    Config KeyJSON PathDefaultENV_VAR
    Service Port$.httpPort8010RTCONF_HTTP_PORT
    Inject request ID into PIP SQL$.useIdentityPipSqlTraceabilitytrueRTCONF_USE_IDENTITY_PIP_SQL_TRACEABILITY
    Max connection pool size for PIP Assets connectivity$.assetProviders[0].connection.jdbcMaxPoolSize20RTCONF_ASSET_PROVIDER__0__CONNECTION__JDBC_MAX_POOL_SIZE
    Min connection pool size for PIP Assets connectivity$.assetProviders[0].connection.jdbcMinPoolSize5RTCONF_ASSET_PROVIDER__0__CONNECTION__JDBC_MIN_POOL_SIZE
    PIP Assets query timeout$.assetProviders[0].connection.queryTimeoutInSeconds25RTCONF_ASSET_PROVIDER__0__CONNECTION__QUERY_TIMOUT_IN_SECONDS
    Number of Asset provider instances$.assetProviders[0].count20RTCONF_ASSET_PROVIDER__0__COUNT
    Number of parallel thread workers for Asset providers$.assetProviders[0].workerPool20RTCONF_ASSET_PROVIDER__0__WORKER_POOL
    Note: The above Asset provider examples can also apply to identities. Replace ..ASSET_PROVIDER.. with ..ENTITY_PROVIDER...
    Enable auditing with a database$.audit.isDataBaseEnablefalseRTCONF_AUDIT__IS_DATABASE_ENABLE
    Database driver for audit database$.audit.connection.driverNameRTCONF_AUDIT__CONNECTION_DRIVER_NAME
    Audit database host URL$.audit.connection.urlRTCONF_AUDIT__CONNECTION_URL
    Audit database user$.audit.connection.userRTCONF_AUDIT__CONNECTION_USER
    Audit database user password$.audit.connection.passwordRTCONF_AUDIT__CONNECTION_PASSWORD
    Max number of Identities retrieved per Source in User List$.identityAgentLimit1000RTCONF_IDENTITY_AGENT_LIMIT
    Metrics data refresh interval$.runtimeRefreshSnapshot60000msRTCONF_RUNTIME_REFRESH_SNAPSHOT

    Was this article helpful?