Сравнение конфигурационных файлов

В разделе приведено сравнение параметров конфигурационных файлов модулей osmax-core и osmax-provisioner для текущей и предыдущей версий продукта, где:

  • строки с символом «-», выделенные желтым цветом — устаревшие названия параметров/комментариев, которые были частично изменены, полностью заменены или удалены в текущей версии продукта;

  • строки с символом «+», выделенные бледно-зеленым цветом — обновленные названия параметров/комментариев, актуальные для текущей версии продукта;

  • строки с символом «+», выделенные зеленым цветом — новые строки в файле, появившиеся в текущей версии продукта.

  • дополнительно:

    • розовым цветом подсвечены измененные/удаленные элементы;

    • ярко-зеленым цветом подсвечены новые элементы.

Описание параметров см. в разделах «Конфигурация модуля osmax-core» и «Конфигурация модуля osmax-provisioner» соответственно.
Конфигурационный файл модуля osmax-core
core-application-properties-1-14-0.properties → core-application-properties-1-15-0.properties
@@ -1,493 +1,500 @@
1
1
  ## This is an example of `application.properties` file as main configuration file for osmax-core backend
2
2
 
3
3
  ###############################################################################
4
4
  # HTTP server properties section #
5
5
  ###############################################################################
6
6
 
7
7
  ## Main application port
8
8
  quarkus.http.port=8081
9
9
 
10
10
  ## HTTP body limit, can be changed to big files uploading
11
11
  quarkus.http.limits.max-body-size=100M
12
12
 
13
+ ## HTTP header limit, can be changed to big kerberos ticket usage
14
+ quarkus.http.limits.max-header-size=100K
15
+
13
16
  ## SSL configuration section.
14
17
  ## To enable serving requests via HTTPS uncomment the following parameters:
15
18
  #quarkus.http.insecure-requests=disabled
16
19
  #quarkus.http.ssl-port=8081
17
20
  #quarkus.http.ssl.certificate.key-store-file=/opt/osmax-core/keystore.jks
18
21
  #quarkus.http.ssl.certificate.key-store-password=keystore@12345
19
22
 
23
+ # Use async dns resolver from netty.
24
+ # By default, Quarkus disables it, but since we heavily rely on the HTTP client,
25
+ # any DNS probes could become a bottleneck
26
+ #
27
+ # [WARN] If you experience DNS resolution problems in your environment, comment out this parameter
28
+ quarkus.vertx.use-async-dns=true
29
+
20
30
  ###############################################################################
21
31
  # Authentication & Authorization section #
22
32
  ###############################################################################
23
33
 
24
34
  ## Enable/disable authentication
25
35
  osmax.application.auth.disabled=false
26
36
  ## Enables kerberos authentication debug mode
27
37
  #quarkus.kerberos.debug=true
28
38
  ## There are 2 alternative options for the kerberos credentials [principal realm, name and password] defining:
29
39
  ## 1) via direct defining;
30
40
  ## 2) via keytab file path defining
31
41
  ##
32
42
  ## Direct kerberos credentials defining:
33
43
  quarkus.kerberos.service-principal-name=lcm_backend_svc
34
44
  quarkus.kerberos.service-principal-realm=my.domain.com
35
45
  quarkus.kerberos.service-principal-password=Password123
36
46
  ## Path to keytab:
37
47
  #quarkus.kerberos.keytab-path=/opt/osmax-core/my_file.keytab
38
48
 
39
49
  ## Old deprecated authorization based on LDAP-groups only
40
50
  ## List of LDAP groups whose users are authorized in Admin Console
41
51
  #osmax.authorization.user-groups-white-list[0]=CN=testGroup,CN=Users,DC=inno,DC=test
42
52
 
43
53
  # New RBAC
44
54
  osmax.authorization.rbac.enabled=false
45
55
  # The following users will be mapped to the superuser role when the application starts
46
56
  #osmax.authorization.rbac.super-users[0]=alice@INNO.TEST
47
57
  #osmax.authorization.rbac.super-users[1]=bob@INNO.TEST
48
58
 
49
59
  ###############################################################################
50
60
  # Database properties section #
51
61
  ###############################################################################
52
62
 
53
63
  ## Main datasource
54
64
  quarkus.datasource."lcm-db".username=lcm
55
65
  quarkus.datasource."lcm-db".password=password
56
66
  quarkus.datasource."lcm-db".reactive.url=postgresql://localhost:5432/lcm
57
67
  ## If you need to specify default DB schema use the syntax below
58
68
  #quarkus.datasource."lcm-db".reactive.url=postgresql://localhost:5432/lcm?search_path=lcm_schema_name
59
69
 
60
70
  ## If you need to specify few datasource connections for load-balancing or work with clustered db use the syntax below
61
71
  #quarkus.datasource."lcm-db".reactive.url=postgresql://host1:5432/lcm,postgresql://host2:5432/lcm,postgresql://host3:5432/lcm
62
72
  ## Or this can also be written with indexed property syntax
63
73
  #quarkus.datasource."lcm-db".reactive.url[0]=postgresql://host1:5432/lcm
64
74
  #quarkus.datasource."lcm-db".reactive.url[1]=postgresql://host2:5432/lcm
65
75
  #quarkus.datasource."lcm-db".reactive.url[2]=postgresql://host3:5432/lcm
66
76
 
67
77
  ## Main datasource Liquibase config
68
78
  quarkus.datasource."lcm-db".jdbc.url=jdbc:postgresql://localhost:5432/lcm
69
79
  quarkus.liquibase."lcm-db".default-schema-name=lcm
70
80
  quarkus.liquibase."lcm-db".migrate-at-start=True
71
81
 
72
82
  ## Readonly datasource
73
83
  quarkus.datasource."lcm-db-readonly".username=readonly
74
84
  quarkus.datasource."lcm-db-readonly".password=password
75
85
  quarkus.datasource."lcm-db-readonly".reactive.url=postgresql://localhost:5432/lcm
76
86
  quarkus.datasource."lcm-db-readonly".jdbc.url=jdbc:postgresql://localhost:5432/lcm
77
87
 
78
88
  ###############################################################################
79
89
  # Hardware inventory properties section #
80
90
  ###############################################################################
81
91
 
82
92
  # Remote operation orders
83
93
  # Every 10 minutes
84
94
  osmax.inventory.job.remote-operation-expired-orders.cron.expression=0 */10 * ? * *
85
95
 
86
- # Schedule for checking dynamic machine collections refresh executing time (quartz cron format), every 2 min
96
+ # Schedule for checking dynamic MACHINE collections refresh executing time (quartz cron format), every 2 min
87
97
  osmax.inventory.job.dynamic-collections-refresh-executing-time.cron.expr=0 */2 * ? * *
88
- # Splay value in seconds for one-time task of dynamic machine collections refresh
98
+ # Splay value in seconds for one-time task of dynamic MACHINE collections refresh
89
99
  osmax.inventory.job.dynamic-collections-refresh.splay=10
90
100
 
101
+ # Schedule for checking dynamic USER collections refresh executing time (quartz cron format), every 2 min
102
+ osmax.inventory.job.dynamic-user-collections-refresh-executing-time.cron.expr=0 */2 * ? * *
103
+ # Splay value in seconds for one-time task of dynamic USER collections refresh
104
+ osmax.inventory.job.dynamic-user-collections-refresh.splay=10
105
+
91
106
  # Schedule for starting entity cleanup tasks (quartz cron format)
92
107
  # Every 2 minutes
93
108
  osmax.inventory.job.cleanup-tasks-starter-scheduler.cron.expr=0 */2 * ? * *
94
109
 
95
110
  # Determines the maximum amount of machine custom attributes in one section
96
111
  osmax.inventory.machine-attribute.section.size=20
97
112
 
98
113
  # Determines the maximum amount of user custom attributes in one section
99
114
  osmax.inventory.user-attribute.section.size=20
100
115
 
101
116
  # The number of minutes since the last agent activity before the device goes into "Offline" status
102
117
  osmax.inventory.settings.agent.minutes-to-become-offline=5
103
118
  # Absolute file path to `wtmp` file which stores historical data of user logins and logouts
104
119
  osmax.machines.user-sessions.linux.wtmp-absolute-path=/var/log/wtmp
105
120
  # Absolute file path to `utmp` file which stores user sessions in real time
106
121
  osmax.machines.user-sessions.linux.utmp-absolute-path=/var/run/utmp
107
122
  # Option, which determines the considered Salt mode (single- or multimaster), can be true or false
108
123
  osmax.agent-installation.settings.multi-master-mode=true
109
124
  # Absolute path, containing all files which are to be included into bootstrap script configuration archive (.tar.gz)
110
125
  osmax.salt.scripts.bootstrap-script-config-path=/config/script-configs/bootstrap/
111
126
  # Optional parameters, matching salt-ssh connection settings,
112
127
  # see https://docs.saltproject.io/en/latest/ref/runners/all/salt.runners.manage.html#salt.runners.manage.bootstrap
113
128
  #osmax.agent-installation.settings.bootstrap-ssh-user=
114
129
  #osmax.agent-installation.settings.bootstrap-ssh-password=
115
130
  #osmax.agent-installation.settings.bootstrap-ssh-private-key-path=
116
131
 
117
132
  ###############################################################################
118
133
  # LDAP integration properties section #
119
134
  ###############################################################################
120
135
 
121
136
  #enable JNDI for the LDAP server discovery inside the MS AD domain when you define option 'osmax.inventory.ldap.datasource[i].dns-srv-record'
122
137
  quarkus.naming.enable-jndi=true
123
138
  ## Determines the page size for any ldap query
124
139
  osmax.inventory.ldap.search-page-size=200
125
140
  ## The first LDAP datasource configuration
126
141
  osmax.inventory.ldap.datasource[0].name=my.domain.com
127
142
  osmax.inventory.ldap.datasource[0].base-dn=DC=my,DC=domain,DC=com
128
143
  ## There are 2 options to set LDAP hostname pools
129
144
  ## 1) direct addresses defining
130
145
  ## 2) using DNS SRV records to discover LDAP servers from MS AS domain
131
146
  ##
132
147
  ## For the direct addresses defining of LDAP datasource please use the following options:
133
148
  ## osmax.inventory.ldap.datasource[i].host=
134
149
  ## osmax.inventory.ldap.datasource[i].port=
135
150
  ##
136
151
  ## extra hosts section is optional
137
152
  ## osmax.inventory.ldap.datasource[i].extra-hosts[j].host=
138
153
  ## osmax.inventory.ldap.datasource[i].extra-hosts[j].port=
139
154
 
140
155
  ## For the using DNS SRV records to discover LDAP servers from MS AS domain use the following options:
141
156
  ### osmax.inventory.ldap.datasource[i].dns-srv-record=
142
157
  ##
143
158
  ## example below:
144
159
  osmax.inventory.ldap.datasource[0].host=localhost
145
160
  osmax.inventory.ldap.datasource[0].port=636
146
161
  osmax.inventory.ldap.datasource[0].username=administrator@my.domain.com
147
162
  osmax.inventory.ldap.datasource[0].password=Welkom123
148
163
  ## Optional section for the LDAP datasource
149
164
  # osmax.inventory.ldap.datasource[0].connect-timeout-millis=10000
150
165
  # osmax.inventory.ldap.datasource[0].response-timeout=10000
151
166
  # osmax.inventory.ldap.datasource[0].abandon-on-timeout=true
152
167
  # osmax.inventory.ldap.datasource[0].allow-concurrent-socket-factory-use=true
153
168
 
154
169
  ## The second and subsequent LDAP datasource configurations are optional
155
170
  #osmax.inventory.ldap.datasource[1].name=my2.domain.com
156
171
  #osmax.inventory.ldap.datasource[1].base-dn=DC=my2,DC=domain,DC=com
157
172
  #osmax.inventory.ldap.datasource[1].dns-srv-record=_ldap._tcp.dc._msdcs.mydomain.com
158
173
  #osmax.inventory.ldap.datasource[1]...
159
174
 
160
175
  ## LDAPS (LDAP over SSL) parameters section.
161
176
 
162
177
  # To configure LDAPS please use the following option
163
178
  #osmax.inventory.ldap.datasource[i].ssl=...
164
179
  # There are 3 options available for this option:
165
180
  # value `false` - use this mode when you want to use LDAP without SSL (usually 389 port)
166
181
  # value `true` - use this mode when you want to use LDAPS (usually 636 port), requires path to the certificate file or truststore file
167
182
  # value `start-tls` - use this mode when you want to establish an insecure connection (usually 389 port),
168
183
  # but then to immediately use the StartTLS extended operation to convert that insecure connection to a secure one
169
184
 
170
185
  # If you want to trust all SSL certificates without direct certificate/truststore definition you can use the option
171
186
  # osmax.inventory.ldap.datasource[i].trust-all-ssl-certificates=true
172
187
 
173
188
  ## The following example shows how to configure LDAPS with certificate file definition for the datasource
174
189
  #osmax.inventory.ldap.datasource[0].ssl=true
175
190
  #osmax.inventory.ldap.datasource[0].ssl-certificate=/opt/osmax-core/samba_cert.pem
176
191
 
177
192
  ## The following example shows how to configure LDAPS with truststore file definition for the datasource
178
193
  #osmax.inventory.ldap.datasource[0].ssl=true
179
194
  #osmax.inventory.ldap.datasource[0].ssl-trust-store=/opt/osmax-core/keystore.jks
180
195
  #osmax.inventory.ldap.datasource[0].ssl-trust-store-type=PKCS12
181
196
  #osmax.inventory.ldap.datasource[0].ssl-trust-store-password=keystore@12345
182
197
 
183
198
  ## The following example shows how to configure LDAPS with truststore file definition for all datasource
184
199
  #osmax.inventory.ldap.ssl-trust-store=/opt/osmax-core/keystore.jks
185
200
  #osmax.inventory.ldap.ssl-trust-store-type=JKS
186
201
  #osmax.inventory.ldap.ssl-trust-store-password=keystore@12345
187
202
 
188
203
 
189
204
  ###############################################################################
190
205
  # Application Store properties section #
191
206
  ###############################################################################
192
207
 
193
208
  # Determines the amount of hours after which order is considered failed
194
209
  osmax.order-management.completion.time.hours=12
195
210
  # Schedule for tracking long-running orders as failed (quartz cron format)
196
211
  # [At second :00 of minute :00 of every hour]
197
212
  osmax.order-management.autocomplete.cron.expr=0 0 * ? * * *
198
213
 
199
214
  ###############################################################################
200
215
  # Kafka messages section #
201
216
  ###############################################################################
202
217
 
203
218
  ## Kafka bootstrap servers (comma separated)
204
219
  mp.messaging.connector.smallrye-kafka.bootstrap.servers=localhost:9092
205
220
  # Kafka topic name
206
221
  mp.messaging.incoming.salt-events-kafka.topic=salt-topic
207
222
  mp.messaging.outgoing.core-os-reinstallation-machines.topic=osmax-core.os.reinstallation.machines
208
223
  mp.messaging.incoming.provisioner-os-reinstallation-machine-registration-statuses.topic=osmax-provisioner.os.reinstallation.machines.registration.statuses
209
224
  mp.messaging.incoming.provisioner-os-installed-events-kafka.topic=provisioner-topic
210
225
  mp.messaging.incoming.provisioner-os-installed-events-kafka.dead-letter-queue.topic=provisioner-dlq-topic
226
+ mp.messaging.outgoing.assignment-machines-update-tasks-out.topic=assignment-machines-update-tasks
227
+ mp.messaging.incoming.assignment-machines-update-tasks-in.topic=assignment-machines-update-tasks
211
228
 
212
229
  ## The provisioner-os-installed-events-kafka listener support retry strategy,
213
230
  ## default values are maxRetries=3, delay=100ms and jitter=0, to change retry settings use
214
231
  #tech.inno.lcm.provisioner.events.ProvisionerEventsListener/consume/Retry/maxRetries=0
215
232
  ## See more info https://quarkus.io/guides/smallrye-fault-tolerance#runtime-configuration
216
233
  ## and available options https://github.com/eclipse/microprofile-fault-tolerance/blob/main/api/src/main/java/org/eclipse/microprofile/faulttolerance/Retry.java
217
234
 
218
235
  ## Kafka SSL connection parameters section.
219
236
  ## To enable SSL connection mode uncomment three following parameters:
220
237
  #mp.messaging.connector.smallrye-kafka.security.protocol=SSL
221
238
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.location=/etc/ssl/certs/java/cacerts
222
239
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.password=changeit
223
240
  ## Optionally if the custom truststore is used:
224
241
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
225
242
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.type=PKCS12
226
243
 
227
244
  ## To enable mutual TLS connection mode uncomment three following parameters, along with configuration above:
228
245
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.location=/opt/osmax-core/keystore.jks
229
246
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.password=keystore@12345
230
247
  ## Optionally if the custom keystore is used:
231
248
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
232
249
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.type=PKCS12
233
250
 
234
251
  ###############################################################################
235
252
  # REST clients common configuration #
236
253
  ###############################################################################
237
254
 
238
255
  ## SSL connection parameters sections.
239
256
  ## To enable accessing REST endpoints via HTTPS uncomment two following parameters:
240
257
  #quarkus.rest-client.trust-store=/etc/ssl/certs/java/cacerts
241
258
  #quarkus.rest-client.trust-store-password=changeit
242
259
  ## Optionally if the custom truststore is used:
243
260
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
244
261
  #quarkus.rest-client.trust-store-type=PKCS12
245
262
  ## For disabling SSL connection verification you can use option below
246
263
  #quarkus.rest-client.remote-access.trust-all=true
247
264
 
248
265
  ###############################################################################
249
266
  # SaltStack integration section #
250
267
  ###############################################################################
251
268
 
252
269
  osmax.salt-adapter.command-runner.http-scheme=http
253
270
  osmax.salt-adapter.command-runner.master-api-port=8000
254
271
  osmax.salt-adapter.command-runner.global-auth.eauth=pam
255
272
  osmax.salt-adapter.command-runner.global-auth.login=salt_api
256
273
  osmax.salt-adapter.command-runner.global-auth.password=123
257
274
  osmax.salt-adapter.command-runner.retry.number-of-attempts=5
258
275
  osmax.salt-adapter.command-runner.retry.initial-back-off=1s
259
276
  osmax.salt-adapter.command-runner.retry.max-back-off=1s
260
277
 
261
278
  ## Salt masters configuration section.
262
279
  ## Optional, this section should be used when backend server can't resolve salt master by DNS name
263
280
  #osmax.salt-adapter.command-runner.override-masters[0].id=salt-master1
264
281
  #osmax.salt-adapter.command-runner.override-masters[0].uri=http://192.168.0.1:8000
265
282
 
266
283
  ## The second and other Salt masters can be configured in the same way
267
284
  #osmax.salt-adapter.command-runner.override-masters[1].id=salt-master2
268
285
  #osmax.salt-adapter.command-runner.override-masters[1].uri=http://192.168.0.2:8000
269
286
 
270
287
  ###############################################################################
271
288
  # Remote access service integration section #
272
289
  ###############################################################################
273
290
 
274
291
  # URL to the guacamole remote access service
275
292
  quarkus.rest-client.remote-access.url=https://guacamole-host.net:9099/guacamole
276
293
  # for an advanced configuration of the quarkus REST client to the guacamole service you can set up the following settings group
277
294
  # Timeout specified in milliseconds to wait to connect to the remote endpoint.
278
295
  #quarkus.rest-client.remote-access.connect-timeout=<millis>
279
296
  # Timeout specified in milliseconds to wait for a response from the remote endpoint.
280
297
  #quarkus.rest-client.remote-access.read-timeout=<millis>
281
298
  #quarkus.rest-client.remote-access.trust-store
282
299
  #quarkus.rest-client.remote-access.trust-store-password
283
300
  #quarkus.rest-client.remote-access.trust-store-type
284
301
  #quarkus.rest-client.remote-access.key-store
285
302
  #quarkus.rest-client.remote-access.key-store-password
286
303
  #quarkus.rest-client.remote-access.key-store-type
287
304
  #quarkus.rest-client.remote-access.hostname-verifier
288
305
  #quarkus.rest-client.remote-access.connection-ttl
289
306
  #and others
290
307
  #quarkus.rest-client.remote-access.***
291
308
 
292
309
  # system account login for the guacamole remote access service
293
310
  osmax.inventory.remote-access.username=admin
294
311
  # system account login password for the guacamole remote access service
295
312
  osmax.inventory.remote-access.password=password
296
313
 
297
314
  ###############################################################################
298
315
  # S3 integration section #
299
316
  ###############################################################################
300
317
 
301
318
  # contains a list of S3 server URIs
302
319
  osmax.salt-adapter.s3.server-uri-list=http://localhost:9000,http://localhost:9900
303
320
  ## To enable SSL connection mode replace 'osmax.salt-adapter.s3.server-uri-list' parameter with following value:
304
321
  #osmax.salt-adapter.s3.server-uri-list=https://localhost:9000,https://localhost:9900
305
322
  osmax.salt-adapter.s3.access-key-id=s3adminSalt
306
323
  osmax.salt-adapter.s3.secret-access-key=s3adminSaltPassword
307
324
  osmax.salt-adapter.s3.region=ru-location-1
308
325
  osmax.salt-adapter.s3.connection-timeout=1s
309
326
  osmax.salt-adapter.s3.num-retries=3
310
327
  osmax.salt-adapter.s3.initial-retry-delay-millis=100
311
328
  osmax.salt-adapter.s3.max-retry-delay-millis=1000
312
329
  osmax.salt-adapter.s3.state-bucket-name=salt-bucket
313
330
  osmax.salt-adapter.s3.script-bucket-name=script-bucket
314
331
 
315
332
  # Schedule for pillar top.sls update
316
333
  # Every 30 seconds
317
334
  osmax.inventory.job.salt-assignment-mapping-update.cron.expr=0/30 * * ? * *
318
335
  # Schedule for fetching tasks for update salt s3 files (pillars and highstate)
319
336
  # Every 5 seconds
320
337
  osmax.inventory.job.salt-assignment-update.cron.expr=0/5 * * ? * *
321
338
 
322
339
  ###############################################################################
323
340
  # Multimedia service section #
324
341
  ###############################################################################
325
342
 
326
343
  # contains a list of S3 server URIs
327
344
  osmax.multimedia.s3.server-uri-list=http://localhost:9000,http://localhost:9900
328
345
  ## To enable SSL connection mode replace 'osmax.multimedia.s3.server-uri-list' parameter with following value:
329
346
  #osmax.multimedia.s3.server-uri-list=https://localhost:9000,https://localhost:9900
330
347
  osmax.multimedia.s3.access-key-id=s3adminMultimedia
331
348
  osmax.multimedia.s3.secret-access-key=s3adminMultimediaPassword
332
349
  osmax.multimedia.s3.region=ru-location-1
333
350
  osmax.multimedia.s3.connection-timeout=1s
334
351
  osmax.multimedia.s3.num-retries=3
335
352
  osmax.multimedia.s3.initial-retry-delay-millis=100
336
353
  osmax.multimedia.s3.max-retry-delay-millis=1000
337
354
  osmax.multimedia.s3.icons-bucket-name=multimedia-bucket
338
355
  osmax.multimedia.s3.images-bucket-name=multimedia-bucket
339
356
  osmax.multimedia.s3.others-bucket-name=multimedia-bucket
340
357
  osmax.multimedia.s3.script-bucket-name=script-bucket
341
358
  osmax.multimedia.common.max-file-size-kb=1024
342
359
  osmax.multimedia.common.download-token-ttl-seconds=3600
343
360
  osmax.multimedia.common.expired-tokens-deletion-cron=0 0 * ? * *
344
361
  # Contains current nginx frontend uri, used to form bootstrap script installation link
345
362
  osmax.multimedia.common.frontend-uri=http://localhost:8081
346
363
 
347
364
  ###############################################################################
348
365
  # Configurations manager section #
349
366
  ###############################################################################
350
367
 
351
368
  # Determines maximum amount of categories per one configuration
352
369
  osmax.catalog.category.configuration-limit=5
353
370
  # Determines total amount of categories
354
371
  osmax.catalog.category.total-limit=15
355
372
  # Determines maximum salt-agent installation script file size in megabytes
356
373
  osmax.catalog.script.max-script-size-mbytes=10
357
374
  # Determines allowed interval in milliseconds between comparing dates
358
375
  # Under this interval the two dates will be considered equal
359
376
  # Deprecated since 1.11.0
360
377
  # osmax.catalog.common.dates-comparing-accuracy-millis=100
361
378
  # use osmax.optimistic-locks.dates-comparing-accuracy-millis
362
379
 
363
380
  ###############################################################################
364
381
  # Software inventory section #
365
382
  ###############################################################################
366
383
  osmax.inventory.software.sync-cache-data-cron=0 0 0/1 ? * *
367
384
  osmax.inventory.software.stale-cache-data-age-minutes=120
368
385
 
369
386
  ###############################################################################
370
387
  # Logging section #
371
388
  ###############################################################################
372
389
 
373
390
  # Common logging config
374
391
  quarkus.log.file.enable=true
375
392
  quarkus.log.json.file.enable=true
376
393
  quarkus.log.json.console.enable=false
377
394
 
378
395
  # File logging config
379
396
  quarkus.log.file.path=/var/log/osmax/core/osmax-core.log
380
397
  quarkus.log.file.rotation.max-file-size=10M
381
398
  quarkus.log.file.rotation.max-backup-index=5
382
399
  quarkus.log.file.rotation.file-suffix=.yyyy-MM-dd.gz
383
400
 
384
401
  # Json format config
385
402
  quarkus.log.json.fields.mdc.flat-fields=true
386
403
  quarkus.log.json.fields.timestamp.date-format=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
387
404
  quarkus.log.json.fields.timestamp.zone-id=UTC
388
405
 
389
406
  # Audit logging config
390
407
  quarkus.log.handler.file.audit-handler.enable=true
391
408
  quarkus.log.handler.file.audit-handler.path=/var/log/osmax/core/audit-osmax-core.log
392
409
  quarkus.log.handler.file.audit-handler.rotation.max-file-size=10M
393
410
  quarkus.log.handler.file.audit-handler.rotation.max-backup-index=50
394
411
  quarkus.log.handler.file.audit-handler.rotation.file-suffix=.yyyy-MM-dd
395
412
 
396
413
  quarkus.log.category."AUDIT".level=INFO
397
414
  quarkus.log.category."AUDIT".handlers=audit-handler
398
415
  quarkus.log.category."AUDIT".use-parent-handlers=false
399
416
 
400
417
  ###############################################################################
401
418
  # Debug section #
402
419
  # Enable all logging events via environment variable `QUARKUS_PROFILE=debug` #
403
420
  # or delete `%debug.` prefix #
404
421
  ###############################################################################
405
422
 
406
423
  # HTTP server access logs (uri + status)
407
424
  %debug.quarkus.http.access-log.enabled=true
408
425
 
409
426
  # Internal rest-client
410
427
  %debug.quarkus.rest-client.logging.scope=request-response
411
428
  %debug.quarkus.rest-client.logging.body-limit=500
412
429
  %debug.quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG
413
430
  %debug.quarkus.log.category."org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext".level=DEBUG
414
431
 
415
432
  # SaltStack events
416
433
  %debug.quarkus.log.category."tech.inno.lcm.salt.events".level=DEBUG
417
434
 
418
435
  # All backend services
419
436
  %debug.quarkus.log.category."tech.inno.lcm".level=DEBUG
420
437
 
421
438
  # Kerberos
422
439
  %debug.quarkus.kerberos.debug=true
423
440
  %debug.quarkus.log.category."io.quarkiverse.kerberos.runtime.KerberosIdentityProvider".level=TRACE
424
441
  %debug.quarkus.log.category."io.quarkiverse.kerberos.runtime.KerberosIdentityProvider".min-level=TRACE
425
442
 
426
443
  # AWS client
427
444
  %debug.quarkus.log.category."software.amazon.awssdk.request".level=DEBUG
428
445
 
429
446
  ###############################################################################
430
447
  # Quarkus framework section #
431
448
  ###############################################################################
432
449
 
433
450
  # application is run under specific user, those settings allow not clashing with other quarkus apps on the same server
434
451
  quarkus.http.body.uploads-directory=${java.io.tmpdir}/osmax_core_uploads
435
452
  quarkus.management.body.uploads-directory=${java.io.tmpdir}/osmax_core_uploads
436
453
 
437
454
  ###############################################################################
438
455
  # Locks section #
439
456
  ###############################################################################
440
457
  osmax.pessimistic-locks.enabled=true
441
458
  osmax.pessimistic-locks.auto-unlock.threshold.seconds=3600
442
459
  osmax.pessimistic-locks.auto-unlock.job.interval.seconds=600
443
460
 
444
461
  osmax.optimistic-locks.enabled=true
445
462
  # Determines allowed interval in milliseconds between comparing dates
446
463
  # Under this interval the two dates will be considered equal hen checking optimistic lock by date
447
464
  #osmax.optimistic-locks.dates-comparing-accuracy-millis=100
448
465
 
449
466
  ###############################################################################
450
467
  # Predefined objects properties section #
451
468
  ###############################################################################
452
469
  osmax.predefined-objects-import.enabled=true
453
470
  osmax.predefined-objects-import.custom-grains.src=custom-grains
454
471
  osmax.predefined-objects-import.execution-modules.src=execution-modules
455
472
  osmax.predefined-objects-import.salt-scripts.src=salt-scripts
456
473
  osmax.predefined-objects-import.formulas.src=formulas
457
474
  osmax.predefined-objects-import.formulas.meta.src=formulas-meta
458
475
  osmax.predefined-objects-import.configurations.meta.src=specifications/meta
459
476
  osmax.predefined-objects-import.scripts.src=scripts
460
477
 
461
478
  ###############################################################################
462
479
  # Observability section #
463
480
  ###############################################################################
464
481
 
465
482
  # Whether LDAP healthcheck is enabled
466
483
  osmax.management.healthcheck.ldap.enabled=false
467
484
  # Whether S3 healthcheck is enabled
468
485
  osmax.management.healthcheck.s3.enabled=false
469
-
470
- # Whether publishing to ElasticSearch is enabled
471
- osmax.micrometer.export.elastic.enabled=false
472
- # The index name to write metrics to
473
- osmax.micrometer.export.elastic.index=osmax-metrics
474
- # The index date format used for rolling indices. This is appended to the index name, separated by '-'
475
- osmax.micrometer.export.elastic.indexDateFormat=yyyy-MM-dd
476
- # Whether to create the index automatically if it doesn't exist
477
- osmax.micrometer.export.elastic.autoCreateIndex=true
486
+ # Whether Guacamole healthcheck is enabled
487
+ osmax.management.healthcheck.guacamole.enabled=true
488
+
489
+ # Whether publishing metrics to Kafka is enabled
490
+ osmax.micrometer.export.kafka.enabled=false
478
491
  # The step size (reporting frequency) to use. The default is 1 minute.
479
- osmax.micrometer.export.elastic.step=60s
480
- # The host to send metrics to
481
- osmax.micrometer.export.elastic.host=http://elastisearch:9200
482
- # The Basic Authentication username. If 'apiKeyCredentials' is configured, it will be used for authentication instead of this.
483
- #osmax.micrometer.export.elastic.userName=
484
- # The Basic Authentication password. If 'apiKeyCredentials' is configured, it will be used for authentication instead of this.
485
- #osmax.micrometer.export.elastic.password=
486
- # Base64-encoded credentials string.
487
- # From a generated API key, concatenate in UTF-8 format the unique id, a colon (:), and the api_key in the following format:
488
- # <id>:<api_key>
489
- # The above should be the input for Base64 encoding, and the output is the credentials returned by this method.
490
- # If configured, ApiKey type authentication is used instead of username/ password authentication.
491
- #osmax.micrometer.export.elastic.apiKeyCredentials=
492
- # Enable _source in the default index template optionally created if one does not exist by 'autoCreateIndex'
493
- osmax.micrometer.export.elastic.enableSource=false
492
+ osmax.micrometer.export.kafka.step=60s
493
+
494
+ # Topic for Kafka Meter Registry
495
+ mp.messaging.outgoing.osmax-observer-metrics.topic=osmax-observer.metrics
496
+
497
+ # Topic for Observer Events
498
+ mp.messaging.outgoing.osmax-observer-events.topic=osmax-observer.events
499
+
500
+ osmax.metrics.calculation.cron = 0/10 * * * * ?
Конфигурационный файл модуля osmax-provisioner
provisioner-application-properties-1-14-0.properties → provisioner-application-properties-1-15-0.properties
@@ -1,244 +1,240 @@
1
1
  ## This is an example of `application.properties` file as main configuration file for osmax-provisioner backend
2
2
 
3
3
  ###############################################################################
4
4
  # HTTP server properties section #
5
5
  ###############################################################################
6
6
 
7
7
  ## Main application port
8
8
  quarkus.http.port=8082
9
9
 
10
10
  ###############################################################################
11
11
  # SSL configuration section. #
12
12
  ###############################################################################
13
13
 
14
14
  ## To enable serving requests via HTTPS uncomment the following parameters:
15
15
  #quarkus.http.insecure-requests=disabled
16
16
  #quarkus.http.ssl-port=8082
17
17
  #quarkus.http.ssl.certificate.key-store-file=/opt/osmax-provisioner/keystore.jks
18
18
  #quarkus.http.ssl.certificate.key-store-password=keystore@12345
19
19
 
20
20
  ###############################################################################
21
21
  # REST clients common configuration #
22
22
  ###############################################################################
23
23
 
24
24
  ## SSL connection parameters sections.
25
25
  ## To enable accessing REST endpoints via HTTPS uncomment two following parameters:
26
26
  #quarkus.rest-client.trust-store=/etc/ssl/certs/java/cacerts
27
27
  #quarkus.rest-client.trust-store-password=changeit
28
28
  ## Optionally if the custom truststore is used:
29
29
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
30
30
  #quarkus.rest-client.trust-store-type=PKCS12
31
31
  ## For disabling SSL connection verification you can use option below
32
32
  #quarkus.rest-client.remote-access.trust-all=true
33
33
 
34
34
  ###############################################################################
35
35
  # Security section #
36
36
  ###############################################################################
37
37
 
38
38
  ## Enable/disable authentication
39
39
  osmax.provisioner.security.authentication.enabled=true
40
40
 
41
41
  ## Enable/disable role-based authorization
42
42
  osmax.provisioner.security.rbac.enabled=false
43
43
 
44
44
  ## osmax-core base url (source of user permissions info)
45
45
  # Should be set even if osmax.provisioner.security.rbac.enabled is false
46
46
  # To enable access via HTTPS use corresponding prefix in base url
47
47
  # and configure REST client using REST clients common configuration section above
48
48
  quarkus.rest-client."tech.inno.lcm.provisioner.common.security.OsmaxPermissionsService".url=<osmax-core base url>
49
49
 
50
50
  ## Kerberos authentication configuration section
51
51
  ## There are 2 alternative options for defining Kerberos credentials [principal realm, name and password]:
52
52
  ## 1) via setting values in properties directly
53
53
  ## 2) via setting path to keytab file
54
54
  ##
55
55
  ## Direct Kerberos credentials definition:
56
56
  quarkus.kerberos.service-principal-name=<service_principal_name>
57
57
  quarkus.kerberos.service-principal-realm=<service.domain>
58
58
  quarkus.kerberos.service-principal-password=<service_principal_password>
59
59
  ## Direct Kerberos credentials definition for REST client, reuse service settings:
60
60
  kerberos-client.user-principal-name=${quarkus.kerberos.service-principal-name}
61
61
  kerberos-client.user-principal-password=${quarkus.kerberos.service-principal-password}
62
62
  kerberos-client.user-principal-realm=${quarkus.kerberos.service-principal-realm}
63
63
  kerberos-client.service-principal-name=${quarkus.kerberos.service-principal-name}
64
64
  ## Kerberos keytab file definition:
65
65
  #quarkus.kerberos.keytab-path=</path/to/keytab/file>
66
66
  #kerberos-client.keytab-path=</path/to/keytab/file>
67
67
 
68
68
  ## Enables Kerberos authentication debug mode
69
69
  #quarkus.kerberos.debug=true
70
70
  #kerberos-client.debug=true
71
71
  ## REST client debug
72
72
  #quarkus.rest-client.logging.scope=request-response
73
73
  #quarkus.rest-client.logging.body-limit=50
74
74
  #quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG
75
75
 
76
76
  ###############################################################################
77
77
  # Database properties section #
78
78
  ###############################################################################
79
79
 
80
80
  ## Common configuration for datasources
81
81
  quarkus.datasource.username=<db-username>
82
82
  quarkus.datasource.password=<db-password>
83
83
  ## Reactive datasource configuration for app
84
84
  quarkus.datasource.reactive.url=postgresql://<db-host>:<db-port>/<db-name>
85
85
  ## Datasource configuration for Liquibase
86
86
  quarkus.datasource.jdbc.url=jdbc:postgresql://<db-host>:<db-port>/<db-name>
87
87
 
88
88
  ## If you need to specify multiple datasource connections for load-balancing or working with clustered db use the syntax below
89
89
  #quarkus.datasource."osmax_provisioner_db".reactive.url=postgresql://host1:5432/lcm_provisioner,postgresql://host2:5432/lcm_provisioner,postgresql://host3:5432/lcm_provisioner
90
90
  ## Or this can also be written with indexed property syntax
91
91
  #quarkus.datasource."osmax_provisioner_db".reactive.url[0]=postgresql://host1:5432/lcm_provisioner
92
92
  #quarkus.datasource."osmax_provisioner_db".reactive.url[1]=postgresql://host2:5432/lcm_provisioner
93
93
  #quarkus.datasource."osmax_provisioner_db".reactive.url[2]=postgresql://host3:5432/lcm_provisioner
94
94
 
95
95
  ## Liquibase parameters which are used in changelog files
96
96
  quarkus.liquibase.change-log-parameters.index_tablespace=pg_default
97
97
  quarkus.liquibase.change-log-parameters.data_tablespace=pg_default
98
98
  quarkus.liquibase.change-log-parameters.installation_distro_repository_url=http://<astra-linux-repository-location>
99
99
  quarkus.liquibase.change-log-parameters.installation_distro_kernel=</path/to/kernel>
100
100
  quarkus.liquibase.change-log-parameters.installation_distro_initrd=</path/to/initrd>
101
101
  quarkus.liquibase.change-log-parameters.distro_repository_hostname=<astra-linux-repository-location>
102
102
  quarkus.liquibase.change-log-parameters.distro_repository_directory=</path/to/repository>
103
103
 
104
104
  ###############################################################################
105
105
  # Template engine properties section #
106
106
  ###############################################################################
107
107
 
108
108
  ## To specify custom template placeholders which can be used in Jinja templates use a key-value format like
109
109
  ## 'osmax.provisioner.template-engine.template-placeholders.my_custom_placeholder=my-value-for-custom-placeholder'
110
110
  ## Be aware that specified custom template placeholders
111
111
  ## should be used in exact format as they are specified in this configuration
112
112
  ## To enable SSL connection mode replace
113
113
  ## 'osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url' parameter with following value:
114
114
  #osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url=https://<osmax-provisioner-host>:<port>
115
115
  osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url=http://<osmax-provisioner-host>:<port>
116
116
  osmax.provisioner.template-engine.template-placeholders.unattended_install_file_url=/v1/unattended_install_files
117
117
  osmax.provisioner.template-engine.template-placeholders.repository_cert_url=</path/to/certificate>
118
118
 
119
119
  ###############################################################################
120
120
  # Installation process properties section #
121
121
  ###############################################################################
122
122
 
123
123
  osmax.provisioner.installation-process.steps.READY_TO_INSTALL=\u0413\u043E\u0442\u043E\u0432\u043E \u043A \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043A\u0435
124
124
  osmax.provisioner.installation-process.steps.IN_PROCESS_EARLY=\u0417\u0430\u043F\u0443\u0449\u0435\u043D \u043F\u0440\u043E\u0446\u0435\u0441\u0441 \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043A\u0438 Astra Linux SE
125
125
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_KERNEL=\u041E\u0448\u0438\u0431\u043A\u0430 \u043F\u043E\u043B\u0443\u0447\u0435\u043D\u0438\u044F \u0444\u0430\u0439\u043B\u0430 kernel
126
126
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_INITRD=\u041E\u0448\u0438\u0431\u043A\u0430 \u043F\u043E\u043B\u0443\u0447\u0435\u043D\u0438\u044F \u0444\u0430\u0439\u043B\u0430 initrd
127
127
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_BOOT=\u041E\u0448\u0438\u0431\u043A\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043A\u0438 \u044F\u0434\u0440\u0430
128
128
  osmax.provisioner.installation-process.steps.FINISHED=\u041E\u0421 \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043B\u0435\u043D\u0430
129
129
 
130
130
  ## Unprovisioned machines export configuration
131
131
  osmax.provisioner.installation-process.machine-export.scheduler-cron-expression=0 */10 * ? * *
132
132
  osmax.provisioner.installation-process.machine-export.batch-size=100
133
133
 
134
134
  ## Unprovisioned machines import configuration
135
135
  osmax.provisioner.installation-process.machine-import.default-network-interface-names=eth0,enp0s3
136
136
 
137
137
  ###############################################################################
138
138
  # Scheduler properties section #
139
139
  ###############################################################################
140
140
 
141
141
  # Defines how often the scheduler checks for tasks due to execution
142
142
  osmax.provisioner.scheduler.polling-interval=10s
143
143
 
144
144
  ###############################################################################
145
145
  # Bootable images properties section #
146
146
  ###############################################################################
147
147
 
148
148
  ## Universal boot image paths
149
149
  osmax.provisioner.universal-boot-image.ipxe_lkrn_url=insert-your-path
150
150
  osmax.provisioner.universal-boot-image.isohdpxf_bin_url=insert-your-path
151
151
  osmax.provisioner.universal-boot-image.isolinux_bin_url=insert-your-path
152
152
  osmax.provisioner.universal-boot-image.ldlinux_c32_url=insert-your-path
153
153
  osmax.provisioner.universal-boot-image.menu_c32_url=insert-your-path
154
154
  osmax.provisioner.universal-boot-image.ipxe_x86_64_efi_url=insert-your-path
155
155
 
156
156
  ###############################################################################
157
157
  # S3 integration section #
158
158
  ###############################################################################
159
159
 
160
160
  ## S3 server configuration
161
161
  ## To enable SSL connection mode replace 'osmax.provisioner.s3.server-uri' parameter with following value:
162
162
  #osmax.provisioner.s3.server-uri=https://<s3-host>:<s3-port>
163
163
  osmax.provisioner.s3.server-uri=http://<s3-host>:<s3-port>
164
164
  osmax.provisioner.s3.access-key-id=<s3-access-key-id>
165
165
  osmax.provisioner.s3.secret-access-key=<s3-secret-access-key>
166
166
  osmax.provisioner.s3.region=ru-location-1
167
167
 
168
168
  ## Path to ISO images bucket where generated ISO images will be located
169
169
  osmax.provisioner.s3.bootable-images-bucket-name=os-installation-iso-images-bucket
170
170
 
171
171
  ###############################################################################
172
172
  # Kafka integration section #
173
173
  ###############################################################################
174
174
 
175
175
  mp.messaging.connector.smallrye-kafka.bootstrap.servers=localhost:19092
176
176
  mp.messaging.outgoing.machine-installation-status.topic=provisioner-topic
177
177
  mp.messaging.incoming.reinstallation-machines-import.topic=osmax-core.os.reinstallation.machines
178
178
  mp.messaging.outgoing.reinstallation-machines-import-result.topic=osmax-provisioner.os.reinstallation.machines.registration.statuses
179
179
 
180
180
  ## Kafka SSL connection parameters section.
181
181
  ## To enable SSL connection mode uncomment three following parameters:
182
182
  #mp.messaging.connector.smallrye-kafka.security.protocol=SSL
183
183
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.location=/etc/ssl/certs/java/cacerts
184
184
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.password=changeit
185
185
  ## Optionally if the custom truststore is used:
186
186
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
187
187
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.type=PKCS12
188
188
 
189
189
  ## To enable mutual TLS connection mode uncomment three following parameters, along with configuration above:
190
190
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.location=/opt/osmax-provisioner/keystore.jks
191
191
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.password=keystore@12345
192
192
  ## Optionally if the custom keystore is used:
193
193
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
194
194
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.type=PKCS12
195
195
 
196
196
  ###############################################################################
197
197
  # Logging section #
198
198
  ###############################################################################
199
199
 
200
200
  # Common logging config
201
201
  quarkus.log.file.enable=true
202
202
  quarkus.log.json.file.enable=true
203
203
  quarkus.log.json.console.enable=false
204
204
 
205
205
  # Json log format config
206
206
  quarkus.log.json.fields.mdc.flat-fields=true
207
207
  quarkus.log.json.fields.timestamp.date-format=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
208
208
  quarkus.log.json.fields.timestamp.zone-id=UTC
209
209
 
210
210
  # File logging config
211
211
  quarkus.log.file.path=/var/log/osmax/provisioner/osmax-provisioner.log
212
212
  quarkus.log.file.rotation.max-file-size=10M
213
213
  quarkus.log.file.rotation.max-backup-index=5
214
214
  quarkus.log.file.rotation.file-suffix=.yyyy-MM-dd.gz
215
215
 
216
216
  # Audit logging config
217
217
  quarkus.log.handler.file.audit-handler.enable=true
218
218
  quarkus.log.handler.file.audit-handler.path=/var/log/osmax/provisioner/audit-osmax-provisioner.log
219
219
  quarkus.log.handler.file.audit-handler.rotation.max-file-size=10M
220
220
  quarkus.log.handler.file.audit-handler.rotation.max-backup-index=50
221
221
  quarkus.log.handler.file.audit-handler.rotation.file-suffix=.yyyy-MM-dd
222
222
  quarkus.log.category."AUDIT".level=INFO
223
223
  quarkus.log.category."AUDIT".handlers=audit-handler
224
224
  quarkus.log.category."AUDIT".use-parent-handlers=false
225
225
 
226
226
  ###############################################################################
227
227
  # Observability section #
228
228
  ###############################################################################
229
229
 
230
- ## To enable metrics publication to ElasticSearch uncomment the following parameters
231
- #osmax.micrometer.export.elastic.enabled=true
232
- ## ElasticSearch connection configuration
233
- #osmax.micrometer.export.elastic.host=http://<host>:<port>
234
- ## Specify user credentials if using basic authentication
235
- #osmax.micrometer.export.elastic.userName=<user-name>
236
- #osmax.micrometer.export.elastic.password=<user-password>
237
- ## Or specify credentials as Base64 encoded string created in following way.
238
- ## From a generated API key, concatenate in UTF-8 format the unique id, a colon (:), and the api_key
239
- ## in the following format: <id>:<api_key>, then use this string as an input for Base64 encoding.
240
- ## If configured, ApiKey type authentication is used instead of username/password authentication.
241
- #osmax.micrometer.export.elastic.apiKeyCredentials=<base64-encoded-string>
242
-
243
- ## ElasticSearch metrics publication frequency configuration
244
- osmax.micrometer.export.elastic.step=1m
230
+ ## To enable metrics publication to Kafka uncomment the following parameters
231
+ #osmax.micrometer.export.kafka.enabled=true
232
+ #mp.messaging.outgoing.kafka-meter-registry.topic=osmax-observer.metrics
233
+ ## Kafka metrics publication frequency configuration
234
+ osmax.micrometer.export.kafka.step=1m
235
+
236
+ ## To enable observability events publication to Kafka uncomment the following properties
237
+ #osmax.observability.events.export.kafka.enabled=true
238
+ #mp.messaging.outgoing.kafka-event-sink.topic=osmax-observer.events
239
+
240
+ ## For setting target Kafka bootstrap servers and SSL configuration see Kafka integration section