Application Configuration
The BWS applications, the gRPC service and the Portal, need to get some configuration at startup, that also might be
security related. Additionally, some configuration settings might change dynamically and need to be updated at runtime.
Therefore different mechanisms to provide this configuration are available.
Security related settings
Secrets like encryption-keys, passwords and connection strings shall not be kept in configuration files.
If Docker Swarm, Kubernetes or an other orchestration tool is used, the secret management of these tools can be used.
General settings used by all services for docker single container
Kestrel
The BWS applications uses the Kestrel web server to host the service. Therefore, the
Kestrel endpoint configuration options can be applied
to the BWS services as well. For example, to configure TLS you can use a settings file like
ASPNETCORE_URLS: https://+:5001
ASPNETCORE_Kestrel__Certificates__Default__Path: <path to .pfx file>
ASPNETCORE_Kestrel__Certificates__Default__Password: <certificate password>
Serilog
Also, all BWS applications use Serilog for structured logging. Therefore,
logging can be configured using Serilog settings. Beside of the
standard Serilog sinks Console and File, you can add sinks e.g. like Seq and Elasticsearch.
Serilog__MinimumLevel: "Warning"
Serilog__WriteTo__0__Name: "Console"
Serilog__WriteTo__1__Name: "Seq"
Serilog__WriteTo__1__Args__serverUrl: "<URL of SEQ server>"
BWS gRPC Settings - On-Premises
-
MongoDB:ConnectionString
Required connection string to the database. The URL in this connection string
must also contain the database name in its path.
-
ClientService:Secret
Recommended secret (Base64 encoded byte array) used to encrypt your RSA private key. Must be identical to the secret used with the other BWS containers!
-
ClientService:UpdateConfigurationInterval
The interval in seconds used to poll the database for configuration changes. Defaults to 30 seconds.
-
DataLogging:LogPath
The folder where to log input- and output data temporary. The default is
/mnt/bwslogging
.
-
Busy:HighTrafficRequests
Number of concurrently running requests that indicate high traffic. In case of high traffic, the latest response times
are used to calculate the too busy response time. Defaults to number of processors.
-
Busy:BusyResponseSeconds
In case of high traffic, the average of the latest response times is compared to this busy response time (in seconds)
to decide whether the service is busy. In this case any readiness probes on the service will return the degraded state
(NOT SERVING in the case of gRPC health check).
The default is 15 seconds.
-
Busy:TooBusyResponseSeconds
In case of high traffic, the average of the latest response times is compared to this busy response time (in seconds)
to decide whether the service is too busy. In this case any newly incoming request will be blocked
by creating an unavailable response status.
The default is 25 seconds.
BWS Portal Settings - On-Premises
-
MongoDB:ConnectionString
Required connection string to the database. The URL in this connection string
must also contain the database name in its path.
-
KeyEncryption:Secret
Recommended secret (Base64 encoded byte array) used to encrypt your RSA private key. Must be identical to the secret used with the other BWS containers!
-
ManagementApi:LogPath
The folder where to log input- and output data temporary. The default is
/mnt/bwslogging
. The files in this folder have a default retention of
30 days and are automatically deleted after this retention period.
-
CleanUpService:RetentionDays
Retention period for the files written to the log folder. Default is 30 days.
-
PerformanceService:RetentionDays
Retention period for the performance counter entries in the database. Default is 30 days.
-
UsageService:IntervalMinutes
The usage service execution interval. The usage service periodically creates the daily usage for all
clients and the overall usage of the on-prem installation. The default is every 5 minutes.
-
PerformanceService:IntervalSeconds
The performance counter service execution interval. The performance counter service periodically
calculates the performance statistics for all clients and the on-prem installation. The default is 120 seconds.
-
CleanUpService:IntervalMinutes
The cleanup service execution interval. By default every 6 hours the expired entries in the log folder are deleted.
-
-
OIDC:Authority
URL of OpenID Connect server.
-
OIDC:ClientId
The client identifier used to authenticate with the OpenID Connect server.
-
OIDC:ClientSecret
The client secret used to authenticate with the OpenID Connect server.
-
OIDC:DisplayName
An optional display name for this OpenID Connect provider.
OpenIDConnect is used if no DisplayName has been set.