Skip to Content

Wiki source code of Runtime Settings

Last modified by Danniar Firdausy on 2024/09/19 10:05
Show last authors
1 {{container}}
2 {{container layoutStyle="columns"}}
3 (((
4 In this microlearning, we will focus on how to influence the runtime settings via the Deploy -> Architecture overview. With the help of this functionality, you can configure two settings. Firstly, you can configure HTTP settings to open ports and configure SSL settings. Secondly, you can deactivate the "control bus" for a specific runtime. This will disallow users to gain access to your (Production) data.
5
6 Should you have any questions, please contact [[academy@emagiz.com>>mailto:academy@emagiz.com]].
7
8 == 1. Prerequisites ==
9
10 * Intermediate knowledge of the eMagiz platform
11
12 == 2. Key concepts ==
13
14 This microlearning centers around configuring runtime settings.
15 * With runtime, we mean: This is the component in which the individual integration flows are deployed into.
16 * Under the runtime settings option, you can configure the following.
17 ** HTTP Settings.
18 *** Port.
19 *** SSL.
20 ** Control bus enabled.
21 *** Deny access to Queue Browser functionality.
22 *** Deny access to Message Redelivery functionality.
23
24 == 3. Runtime Settings ==
25
26 To govern and control your runtime, you sometimes need to configure additional options on the runtime level. For example, part of these settings is located on the runtime level in Deploy -> Architecture. Executing a right-click while in "Start Editing" mode on a runtime provides you with one of the following context menus.
27
28 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--context-menu-runtime.png]]
29
30 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--context-menu-runtime-on-prem.png]]
31
32 {{info}}
33 The first context menu is given for cloud runtimes, and the second is for on-premises runtimes.
34 {{/info}}
35
36 One of the options in these context menus is called "Runtime Settings." When selecting this option, a pop-up will be shown in which you can toggle two possibilities. These options are:
37
38 * HTTP Settings.
39 * Control bus enabled.
40
41 In the remainder of this microlearning, we will discuss both toggles in detail.
42
43 === 3.1 HTTP Settings ===
44
45 The HTTP Settings toggle is set default to "No." This is done as not all eMagiz runtime will host an endpoint. So, for example, if you want to host an endpoint (REST or SOAP) within the context of eMagiz, you need to set this toggle to "Yes." As a result, a new tab will appear called "HTTP."
46
47 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-enabled.png]]
48
49 You can configure the port and the SSL settings in this second tab. When hosting a web service in eMagiz, the first one is always necessary and can be filled in with a property or via a hardcoded value.
50
51 {{info}}
52 Note that depending on whether you host a REST or SOAP web service, the last two fields are filled in or not
53 {{/info}}
54
55 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-port-property-soap.png]]
56
57 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-port-hardcoded-rest.png]]
58
59 {{warning}}
60 On top of creating this configuration, you should also configure a route for both a cloud and an on-premise setup to make the endpoint accessible. For more information on creating routes, please check out this
61 {{/warning}}
62
63 ==== 3.1.1. SSL ====
64
65 When you want to secure your endpoint via one-way SSL (adding a custom server certificate) or two-way SSL (adding a custom server certificate and demanding a client certificate), you need to toggle the "SSL" option in this view.
66
67 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-ssl-enabled.png]]
68
69 {{info}}
70 Note that when you host your endpoint in the eMagiz cloud, one-way SSL is set on default, and demanding a client certificate should be configured via the "Certificates" and "Routes" options. More on that can be found in this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.intermediate-securing-your-data-traffic-securing-a-hosted-webservice-with-certificates-in-the-emagiz-cloud||target="blank"]]
71 {{/info}}
72
73 ===== 3.1.1.1 One-way SSL =====
74
75 As you can see from the picture above, the default is that no client authentication is needed, and you only want to configure one-way SSL. After enabling the SSL toggle, two new tabs emerge. The first tab, called "SSL," allows you to deviate from the standard in terms of protocol and ciphers. We strongly advise you to keep these settings as is unless you have a reason to change them.
76
77 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-ssl-tab.png]]
78
79 The second tab, called "Key store," allows you to access the correct Keystore, including defining additional settings. For secure information such as passwords, we advise using properties to describe them here.
80
81 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-key-store-tab-filled-in.png]]
82
83 {{info}}
84 For more information on how to create your custom Keystore or truststore, please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.intermediate-securing-your-data-traffic-creating-a-jks||target="blank"]]
85 {{/info}}
86
87 ===== 3.1.1.2 Two-way SSL =====
88
89 Should the requirement be that you want to secure your endpoint via two-way SSL, you should select the correct option for the "SSL client authentication" on the "HTTP" tab.
90
91 [[image:Main.Images.Microlearning.WebHome@novice-emagiz-runtime-management-runtime-settings--runtime-settings-http-ssl-client-authentication-options.png]]
92
93 The difference between "Allowed" and "Mandatory" is that with "Allowed," clients can send (or not) send the client certificate, but you would like them to do so. With "Mandatory," you are forcing them to send a client certificate if they want to be able to call your endpoint.
94
95 Once you have selected either of these options, a new tab appears called "Trust store." In this tab, you can upload the correct "Trust store" and configure the additional settings (just as with the key store tab).
96
97 {{info}}
98 For more information on how to create your custom Keystore or truststore, please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.intermediate-securing-your-data-traffic-creating-a-jks||target="blank"]]
99 {{/info}}
100
101 === 3.2 Control bus enabled ===
102
103 The other toggle under "Runtime settings" allows you to enable or disable the control bus. The control bus is a part of our internal infrastructure that will enable you to use functionalities such as the queue browser, message redelivery, and start/stop flow components within our 3rd generation runtime. Given the fact that especially the queue browser can view live data on any environment on any queue, there might be reasons to disable this on the Production environment if the data that is being exchanged via the eMagiz platform is too sensitive in nature for it to be viewed by anyone with access to your eMagiz model.
104
105 If such a case arises, you can disable the configuration per runtime to disallow the use of this functionality. Depending on which runtime you deactivate the control bus, you will lose some or all functionality related to the control bus.
106
107 {{info}}
108 At any given moment when you are satisfied with your configuration, you can press "Save" to store your changes for the runtime settings
109 {{/info}}
110
111 === 3.3 Effectuate changes on architecture ===
112
113 To effectuate the changes made to your deployed architecture, you should create a new release and deploy this via the deployment plan. In case you need more information on the creation of releases or deploying release you can check that information [[here>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-deploy-create-new-release||target="blank"]] and [[here>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-deploy-execute-deployment-plan-gen3.WebHome||target="blank"]].
114
115 == 4. Key takeaways ==
116
117 * On the runtime level in Deploy -> Architecture, you have a context menu item called "Runtime Settings."
118 * In this context menu item, you can configure the HTTP Settings and whether the control bus is enabled.
119 * HTTP Settings are needed when hosting a SOAP or REST web service.
120 ** When enabling, the port needs to be filled in.
121 ** Optionally, you can configure one-way or two-way SSL for an on-premise endpoint.
122 * By disabling the control bus, you will lose (parts of) the functionality that allows you to view or halt data.
123 ** Queue browser.
124 ** Message redelivery.
125 ** Start/Stop flow components.
126 * Changes must be deployed by creating a new release and deploying it via a deployment plan.
127
128 == 5. Suggested Additional Readings ==
129
130 If you are interested in this topic and want more information, please read the help text provided by eMagiz and check out these links:
131
132 * [[Crash Courses (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.WebHome||target="blank"]]
133 ** [[Crash Course Platform (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.WebHome||target="blank"]]
134 *** [[Creating a new Release (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-deploy-create-new-release||target="blank"]]
135 *** [[Deploy a release (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-deploy-execute-deployment-plan-gen3.WebHome||target="blank"]]
136 * [[Intermediate Level (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.WebHome||target="blank"]]
137 ** [[Securing Data Traffic (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.WebHome||target="blank"]]
138 *** [[Securing a hosted web service with certificates in the eMagiz Cloud (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.intermediate-securing-your-data-traffic-securing-a-hosted-webservice-with-certificates-in-the-emagiz-cloud||target="blank"]]
139 *** [[Creating a JKS (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Securing Data Traffic.intermediate-securing-your-data-traffic-creating-a-jks||target="blank"]]
140 * [[Runtime Settings (Search Results)>>url:https://docs.emagiz.com/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_space_facet=0%2FMain.&l_space_facet=10&f_type=DOCUMENT&f_locale=en&f_locale=&f_locale=en&text=%22runtime+settings%22||target="blank"]]
141
142 )))
143
144 (((
145 {{toc/}}
146 )))
147 {{/container}}
148 {{/container}}