MTS Container

Summary

MTS can best be described as a monolithic application, encompassing a multitude of submodules deployed as a single Java application. Of note, MTS bundles the Legacy CAT Primefaces web application, which HLN aims to fully deprecate and incorporate the CRUD functionality within the modern CAT-RCKMS web application.

Attributes

Parameter

Value

Type

Primary

Name

middle-tier-service

Image

middle-tier-service

Image Pull Policy

Always

Command

Arguments

Port

8080

Security Context

Allow Privilege Escalation: false

Endpoints

External-to-Cluster

This container does have external-to-cluster exposed endpoints. As MTS provides a RESTful API interface for most of RCKMS data state objects, this document would be extraordinarily long and complex provide a list of all endpoints.

Internal

Liveness Probe

GET /mts-rs-rckms/

At this time, MTS does not have a dedicated liveness probe endpoint. This endpoint will return a "Hello World!" message if the Payara web application server has initialized and is operating in a nominal state.

{
    // Response
}

{
    // Response
}

Readiness Probe

GET /mts-rs-rckms/

At this time, MTS does not have a dedicated readiness probe endpoint. This endpoint will return a "Hello World!" message if the Payara web application server has initialized and is operating in a nominal state.

{
    // Response
}

{
    // Response
}

Environment Variables

All environment variables, unless otherwise indicated, are considered required.

General Variables

JAVA_TOOL_OPTIONS

Feature flags and default configuration overrides for the container's embedded JVM.

Example Value

-Xms4g -Xmx9g -XX:+UseG1GC -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:/hln/diagnostics/garbageCollection.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=1 -XX:GCLogFileSize=10m -XX:+UseStringDeduplication

Explanation of Options

-Xms4g: sets the initial heap size allocation to 4GB (4096 MiB)
-Xmx9g: sets the maximum heap size allocation to 9GB (9216 MiB)
-XX:+UseG1GC: enables the usage of the G1 garbage collector.
-XX:+PrintGCDetails -XX:+PrintGCDateStamps controls verbosity of garbage collection logging output.
-Xloggc:/hln/diagnostics/garbageCollection.log path for the garbage collection logging output file.
-XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=1 -XX:GCLogFileSize=10m enables the rotation of log files once the maximum file size of 10MB has been reached.
-XX:+UseStringDeduplication avoids duplicate garbage collection log entries.

REQUEST_TIMEOUT_SEC Optional

Override the default request timeout used by the embedded web server (Payara).

Acceptable Value

1800 recommended value
Any numerical value, in seconds.

TCP_WRITE_TIMEOUT

Override the default write timeout for responses to API requests that are either query-intensive, or produce an extremely large response body.

Acceptable Value

300000 recommended value
Any numerical value, in milliseconds.

Postgres Database Connectivity

Due to differences in database implementations between AIMS environments, the following Postgres user accounts should be used in MTS and RRS connections:

AIMS Production: rckms
AIMS Onboard: rckms
AIMS PRR: rckms_prr

MTS_DATA_SOURCE_PROPERTIES Secret

JBDC-compatible Postgres database connection string.

Accepted Values

Any connection string that matches this format:

DatabaseName={{name}}:PortNumber={{port}}:User={{username}}:ServerName={{hostname}}:Password={{password}}

For example, the following string would be valid for a development Postgres database instance accessible via localhost:

DatabaseName=rckms:PortNumber=5432:User=admin:ServerName=127.0.01:Password=horsebatterystaple

CDS_DATA_SOURCE_PROPERTIES Secret

JBDC-compatible Postgres database connection string.

Accepted Values

Any connection string that matches this format:

DatabaseName={{name}}:PortNumber={{port}}:User={{username}}:ServerName={{hostname}}:Password={{password}}

For example, the following string would be valid for a development Postgres database instance accessible via localhost:

DatabaseName=rckms:PortNumber=5432:User=admin:ServerName=127.0.01:Password=horsebatterystaple

Legacy CAT ("Primefaces") Configuration

CAT_APP

Define MTS Application Registry ID for the legacy CAT ("Primefaces") application.

Accepted Values

Must be set to CAT.

CAT_CONTEXT

Define pathname for the legacy CAT ("Primefaces") application.

Accepted Values

cat for AIMS environments
cat-pf for HLN environments

CAT_USER

Define RCKMS CAT user username for the legacy CAT ("Primefaces") application.

Accepted Values

The username for the CAT user identity. Typically set to CAT.

CAT_PASSWORD Secret

Define RCKMS CAT user password for the legacy CAT ("Primefaces") application.

Accepted Values

The password for the CAT user specified in CAT_USER.

Intra-mesh Connectivity

CAT_BS_URI

Define the URI for CAT-RCKMS application for this environment. As MTS generates system and email notifications, and data objects that do not use a relative path within the context of CAT-RCKMS, we must explicitly define this fragment of the URL.

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, https://rckms-prod-authoring.aimsplatform.com or https://mirror.rckms.dev/cat would be considered acceptable values.

DATA_SUPPORT_UPDATE_SERVICE_URI

Define the URI for communicating with DSUS.

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, http://dsus.prd.svc.cluster.local would be considered an acceptable value.

RCKMS_SHARED_SERVICE_URI

Define the URI for communicating with SS.

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, http://ss.prd.svc.cluster.local would be considered an acceptable value.

MTS RESTful Services (RS) Configuration

BASE_RS_URI

Define the publicly-accessible URI for this MTS instance.

Accepted Values

Any valid URL, including protocol, hostname, and path without terminating slash. For example, https://rckms-mts.dmz.aimsplatform.com or https://mirror.rckms.dev/__service/mts would be considered acceptable values.

DEPLOY_SERVICE_URI

Define the URI for the Deploy Service embedded in this MTS instance.

Accepted Values

Any valid URL, including protocol, hostname, and path without terminating slash. For example, https://rckms-mts.dmz.aimsplatform.com/deploy-service or https://mirror.rckms.dev/deploy-service would be considered acceptable values.

RS_CRUD_APP_CONTEXT

Accepted Values

Typically set to /mts-rs-%s, but any string with a preceding slash that terminates with a string argument %s would be considered valid.

Probes

Liveness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /mts-rs-rckms/
Port: 8080 (must match container port)

Timings

Initial Delay of 45s
Period of 30s
Timeout of 5s

Thresholds

1 Successes
1 Failures

Readiness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /mts-rs-rckms/
Port: 8080 (must match container port)

Timings

Initial Delay of 45s
Period of 30s
Timeout of 5s

Thresholds

1 Successes
1 Failures

Startup

This container does not utilize startup probes.

Resources

CPU (in millicores)

RAM (in MiB)

Storage (in GiB)

2000

5120

N/A

Technology Stack

Container is built upon a Payara Server (derived from GlassFish Server), Debian base image, which includes OpenJDK 8 (Java Version 8u151).

As this base image is no longer actively supported, HLN has modified the encompassing Dockerfile to perform a variety of package updates from Debian 11 "Bullseye" repositories, as well as removing unused and outdated binaries.

Volume Mounts

Name

Read-Only

Mount Point

Subpath

java-diag

/hln/diagnostics

Workload Identity

MTS requires connectivity to a writable Postgres database instance.

Code Owners

Name

Organization

Blake Minghelli

HLN Consulting, LLC

blake@hln.com

PreviousMTS NextOUS

Last updated 1 year ago

MTS Container

Summary

Attributes

Parameter

Value

Type

Primary

Name

middle-tier-service

Image

middle-tier-service

Image Pull Policy

Always

Command

Arguments

Port

8080

Security Context

Allow Privilege Escalation: false

Endpoints

External-to-Cluster

Internal

Liveness Probe

GET /mts-rs-rckms/

{
    // Response
}

{
    // Response
}

Readiness Probe

GET /mts-rs-rckms/

{
    // Response
}

{
    // Response
}

Environment Variables

All environment variables, unless otherwise indicated, are considered required.

General Variables

JAVA_TOOL_OPTIONS

Feature flags and default configuration overrides for the container's embedded JVM.

Example Value

-Xms4g -Xmx9g -XX:+UseG1GC -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:/hln/diagnostics/garbageCollection.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=1 -XX:GCLogFileSize=10m -XX:+UseStringDeduplication

Explanation of Options

-Xms4g: sets the initial heap size allocation to 4GB (4096 MiB)
-Xmx9g: sets the maximum heap size allocation to 9GB (9216 MiB)
-XX:+UseG1GC: enables the usage of the G1 garbage collector.
-XX:+PrintGCDetails -XX:+PrintGCDateStamps controls verbosity of garbage collection logging output.
-Xloggc:/hln/diagnostics/garbageCollection.log path for the garbage collection logging output file.
-XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=1 -XX:GCLogFileSize=10m enables the rotation of log files once the maximum file size of 10MB has been reached.
-XX:+UseStringDeduplication avoids duplicate garbage collection log entries.

REQUEST_TIMEOUT_SEC Optional

Override the default request timeout used by the embedded web server (Payara).

Acceptable Value

1800 recommended value
Any numerical value, in seconds.

TCP_WRITE_TIMEOUT

Override the default write timeout for responses to API requests that are either query-intensive, or produce an extremely large response body.

Acceptable Value

300000 recommended value
Any numerical value, in milliseconds.

Postgres Database Connectivity

Due to differences in database implementations between AIMS environments, the following Postgres user accounts should be used in MTS and RRS connections:

AIMS Production: rckms
AIMS Onboard: rckms
AIMS PRR: rckms_prr

MTS_DATA_SOURCE_PROPERTIES Secret

JBDC-compatible Postgres database connection string.

Accepted Values

Any connection string that matches this format:

DatabaseName={{name}}:PortNumber={{port}}:User={{username}}:ServerName={{hostname}}:Password={{password}}

For example, the following string would be valid for a development Postgres database instance accessible via localhost:

DatabaseName=rckms:PortNumber=5432:User=admin:ServerName=127.0.01:Password=horsebatterystaple

CDS_DATA_SOURCE_PROPERTIES Secret

JBDC-compatible Postgres database connection string.

Accepted Values

Any connection string that matches this format:

DatabaseName={{name}}:PortNumber={{port}}:User={{username}}:ServerName={{hostname}}:Password={{password}}

For example, the following string would be valid for a development Postgres database instance accessible via localhost:

DatabaseName=rckms:PortNumber=5432:User=admin:ServerName=127.0.01:Password=horsebatterystaple

Legacy CAT ("Primefaces") Configuration

CAT_APP

Define MTS Application Registry ID for the legacy CAT ("Primefaces") application.

Accepted Values

Must be set to CAT.

CAT_CONTEXT

Define pathname for the legacy CAT ("Primefaces") application.

Accepted Values

cat for AIMS environments
cat-pf for HLN environments

CAT_USER

Define RCKMS CAT user username for the legacy CAT ("Primefaces") application.

Accepted Values

The username for the CAT user identity. Typically set to CAT.

CAT_PASSWORD Secret

Define RCKMS CAT user password for the legacy CAT ("Primefaces") application.

Accepted Values

The password for the CAT user specified in CAT_USER.

Intra-mesh Connectivity

CAT_BS_URI

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, https://rckms-prod-authoring.aimsplatform.com or https://mirror.rckms.dev/cat would be considered acceptable values.

DATA_SUPPORT_UPDATE_SERVICE_URI

Define the URI for communicating with DSUS.

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, http://dsus.prd.svc.cluster.local would be considered an acceptable value.

RCKMS_SHARED_SERVICE_URI

Define the URI for communicating with SS.

Accepted Values

Any valid URL, including protocol, hostname, and path without a terminating slash. For example, http://ss.prd.svc.cluster.local would be considered an acceptable value.

MTS RESTful Services (RS) Configuration

BASE_RS_URI

Define the publicly-accessible URI for this MTS instance.

Accepted Values

Any valid URL, including protocol, hostname, and path without terminating slash. For example, https://rckms-mts.dmz.aimsplatform.com or https://mirror.rckms.dev/__service/mts would be considered acceptable values.

DEPLOY_SERVICE_URI

Define the URI for the Deploy Service embedded in this MTS instance.

Accepted Values

Any valid URL, including protocol, hostname, and path without terminating slash. For example, https://rckms-mts.dmz.aimsplatform.com/deploy-service or https://mirror.rckms.dev/deploy-service would be considered acceptable values.

RS_CRUD_APP_CONTEXT

Define MTS RS API path pattern. Should match that set at build time for , and pattern must be reflected in all services that communicate with MTS directly.

Accepted Values

Typically set to /mts-rs-%s, but any string with a preceding slash that terminates with a string argument %s would be considered valid.

Probes

Liveness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /mts-rs-rckms/
Port: 8080 (must match container port)

Timings

Initial Delay of 45s
Period of 30s
Timeout of 5s

Thresholds

1 Successes
1 Failures

Readiness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /mts-rs-rckms/
Port: 8080 (must match container port)

Timings

Initial Delay of 45s
Period of 30s
Timeout of 5s

Thresholds

1 Successes
1 Failures

Startup

This container does not utilize startup probes.

Resources

CPU (in millicores)

RAM (in MiB)

Storage (in GiB)

2000

5120

N/A

Technology Stack

Container is built upon a Payara Server (derived from GlassFish Server), Debian base image, which includes OpenJDK 8 (Java Version 8u151).

Volume Mounts

Name

Read-Only

Mount Point

Subpath

java-diag

/hln/diagnostics

Workload Identity

MTS requires connectivity to a writable Postgres database instance.

Code Owners

Name

Organization

Blake Minghelli

HLN Consulting, LLC

blake@hln.com

PreviousMTS NextOUS

Last updated 1 year ago