ELMA365 On-Premises > ELMA365 Enterprise / Modify ELMA365 Enterprise parameters

Modify ELMA365 Enterprise parameters

During the operation of ELMA365 Enterprise, there may be a need to change or reconfigure a particular component of the application. For example, it might be necessary to modify service settings (change email server settings), connection parameters to the application, configure additional functionalities, etc. It is done in two steps:

  1. Making changes to the configuration file.
  2. Applying the new parameters for ELMA365 Enterprise.

Step 1: Make changes to the configuration file values-elma365.yaml

Начало внимание

Changes are made to the existing configuration file values-elma365.yaml, which was obtained and filled out during the installation of ELMA365 Enterprise. Rash changes to the parameters in this file can lead to the ELMA365 Enterprise application becoming inoperable. Before making changes to the values-elma365.yaml file, it is recommended to create a backup copy of it.

Конец внимание

Description of parameters found in the configuration file values-elma365.yaml

Name

Description

GLOBAL: Platform parameters.

elma365.global.host

The domain (FQDN) or IP address through which the system will be accessible.

When installing the system with a specified domain name, it is necessary to add the corresponding AAA record to the DNS server: "myelma365.com" <-> "IP address of the machine with ELMA365".

Default value: example.ru.

elma365.global.ingress.hostEnabled

Enabling host in ingress (value is taken from elma365.global.host); if TLS support is enabled, the value is automatically set to true.

Important: If TLS support is not enabled, it's recommended to enable it. It is also planned to use the domain (FQDN) to access the S3 minio storage, installed in the Kubernetes cluster using charts elma365-dbs.

Default value: false.

Available options: true, false.

elma365.global.ingress.annotations

Annotations for ingress.

{"kubernetes.io/ingress.class": "nginx"}.

elma365.global.kubeVersion

Override the Kubernetes version.

elma365.global.openshift

Enable support for HAProxy Ingress to work on the OpenShift platform.

Default value: false.

Available options: true, false.

elma365.global.machineId

Path to file machine-id.

Default value: /etc/machine-id.

GLOBAL TLS encryption parameters

elma365.global.ingress.onpremiseTls.enabled

Enable TLS support (enable https).

Default value: false.

Available options: true, false.

elma365.global.ingress.onpremiseTls.secret

Name of the secret with certificates for HTTPS operation.

Default value: elma365-onpremise-tls.

elma365.global.ingress.onpremiseTls.enabledCA

Enabling the root CA certificate for HTTPS operation with a self-signed certificate.

Important: before enabling, it's necessary to install the add-on components.

Default value: false.

Available options: true, false.

elma365.global.ingress.onpremiseTls.configCA

Name of the ConfigMap with the root CA certificate for HTTPS operation with a self-signed certificate.

Default value: elma365-onpremise-ca.

GLOBAL — Monitoring parameters

elma365.global.monitoring.enabled

Enables monitoring support on the ELMA365 application side.

Important: Before enabling service monitoring, it's necessary to install add-on components.

Default value: false.

Available options: true, false.

elma365.global.monitoring.metrics.enabled

Enables the installation of ServiceMonitor in the Kubernetes cluster for ELMA365 application services.

Default value: false.

Available options: true, false.

elma365.global.monitoring.metrics.all

Enables the provision of a significantly larger number of metrics in Prometheus format by the ELMA365 application services. It's disabled by default to prevent disruption of the entire monitoring system due to an excessive number of metrics.

Default value: false.

Available options: true, false.

elma365.global.monitoring.provisioner

Configures the supplied monitoring tools for the target platform.

Default value: k8s.

Available options: k8s, deckhouse.

elma365.global.monitoring.dashboard.enabled

Enables the installation of Dashboards (ConfigMap) in the Kubernetes cluster for ELMA365 application services.

Default value: false.

Available options: true, false.

elma365.global.monitoring.alerts.enabled

Enables the installation of PrometheusRule (CRD) in the Kubernetes cluster for ELMA365 application services.

Default value: false.

Available options: true, false.

GLOBAL — Portable services parameters

elma365.global.managedServices.enabled

Enables support for portable services.
Default value: true.
Available options: true, false.

elma365.global.managedServices.defaultStorageClass

Specify a data storage system.

Default value: longhorn.

elma365.global.managedServices.namespace

Names of the namespace where portable services will be placed.
Default value: elma365-applets.

GLOBAL — Service scaling parameters

elma365.global.autoscaling.enabled

Enables support for auto-scaling on the ELMA365 application side. Important: Before enabling service scaling, it is necessary to install add-on components.

Default value: false.

Available options: true, false.

elma365.global.autoscaling.type

Choosing the auto-scaling method.

Default value: hpa.

Available options: hpa, keda.

Where:

  • keda is Kubernetes Event-driven Autoscaling;
  • hpa is Horizontal Pod Autoscaler.

elma365.global.autoscaling.minReplicas

Configures the minimum number of replicas.

Default value: 1.

elma365.global.autoscaling.maxReplicas

Configures the maximum number of replicas.

Default value: 9.

GLOBAL Connection parameters to the private container image repository

elma365.global.image.repository

Connection string for private registry.

Format: hostname:port/path.

Where:

  • hostname is the IP or domain name of the private registry;
  • port is the connection port;
  • path is the path to the directory.

Default value: hub.elma365.tech.

elma365.global.image.pullSecret

Name of the secret with access rights to the private registry (must be created manually, encrypted in Base64).

Default value: yandexsecret.

GLOBAL Additional parameters

elma365.global.postgres.maxIdleConns

Maximum number of connections in the pool of unused connections.

Default value: 10.

elma365.global.postgres.maxOpenConns

Maximum number of open connections from the pool.

Default value: 50.

elma365.global.postgres.maxConnLife

Maximum lifespan of a connection from the pool.

Default value: 1m.

elma365.global.postgres.poolMaxIdleConns

Maximum number of connections in the pool of unused connections.

Default value: 10.

elma365.global.postgres.poolMaxOpenConns

Maximum number of open connections from the pool.

Default value: 50.

elma365.global.postgres.poolConnMaxLifetime

Maximum lifespan of a connection from the pool.

Default value: 5m.

elma365.global.maxGrpcMessageSize

Maximum response size.

Default value: 8388608.

elma365.global.maxGrpcBackoffDelay

Maximum delay between attempts to establish a GRPC connection.

Default value: 2s.

elma365.global.activeDeadlineSeconds

Number of seconds allocated for the entire Job to execute.

Default value: 3000.

Platform debugging parameters

elma365.debug

Enables platform debugging mode.

Default value: false.

Available options: true, false.

Company parameters

elma365.bootstrapCompany.email

The email address is specified. The email address will serve as the login for the main administrator.

Important: Used when creating a company at the time of ELMA365 installation, changing elma365.bootstrapCompany.email makes it impossible to apply new parameters or update ELMA365.

Default value: admin@mail.com.

elma365.bootstrapCompany.password

Password for the main administrator login.

Important: Used when creating a company at the time of ELMA365 installation.

Default value: test.

elma365.bootstrapCompany.locale

Company interface language.

Default value: ru-RU.

Available options: "ru-RU", "en-US", "sk-SK", "es-ES", "de-DE".

Platform language parameters

elma365.language.default

Installed platform language.

Default value: ru-RU.

Available options: "ru-RU", "en-US", "sk-SK", "es-ES", "de-DE".

Database connection parameters

elma365.db.psqlUrl

Connection string to PostgreSQL for write and read operations.

Format: postgresql://user:password@hostname:port/databaseName?sslmode=disable.

Where:

  • user is the name of the PostgreSQL user with rights to the databaseName database
  • password is the password for the PostgreSQL user;
  • hostname is the IP or domain name of the PostgreSQL server;
  • port is the port for connecting to PostgreSQL, standard port: 5432;
  • databaseName is the name of the database;
  • sslmode is the use of a secure connection.

elma365.db.roPsqlSecret

Secret name with connection to PostgreSQL for read operations (must be manually created, encrypted in Base64).

It should contain the key RO_POSTGRES_URL.

Important: enabling elma365.db.roPsqlSecret disables the elma365.db.roPsqlUrl parameter.

elma365.db.roPsqlUrl

Connection string to PostgreSQL for read operations.

Format: postgresql://user:password@hostname:port/databaseName?sslmode=disable.

Where:

  • user is the name of the PostgreSQL user with rights to the databaseName database
  • password is the password for the PostgreSQL user;
  • hostname is the IP or domain name of the PostgreSQL server;
  • port is the port for connecting to PostgreSQL, standard port: 5432;
  • databaseName is the name of the database;
  • sslmode is the use of a secure connection.

elma365.db.roPsqlSecret

Secret name with connection to PostgreSQL for read operations (must be manually created, encrypted in Base64).

It should contain the key RO_POSTGRES_URL.

Important: enabling elma365.db.roPsqlSecret disables the elma365.db.roPsqlUrl parameter.

elma365.db.mongoUrl

Connection string to MongoDB.

Format: mongodb://user:password@hostname:port/databaseName?ssl=false&replicaSet=rs0&readPreference=nearest.

Where:

  • user is the name of the MongoDB user with rights to the databaseName database;
  • password is the password for the MongoDB user;
  • hostname is the IP or domain name of the MongoDB server;
  • port is the port for connecting to MongoDB, standard port: 27017;
  • databaseName is the name of the database;
  • ssl is the use of a secure connection;
  • replicaSet is the replica set number;
  • readPreference is the preferred read mode.

elma365.db.mongoSecret

Secret name with connection to MongoDB (must be manually created, encrypted in Base64).

It should contain the key MONGO_URL.

Important: enabling elma365.db.mongoSecret disables the elma365.db.mongoUrl parameter.

elma365.db.vahterMongoUrl

Connection string to MongoDB for the authorization server.

Format: mongodb://user:password@hostname:port/databaseName?ssl=false&replicaSet=rs0&readPreference=primaryPreferred.

Where:

  • user is the name of the MongoDB user with rights to the databaseName database;
  • password is the password for the MongoDB user;
  • hostname is the IP or domain name of the MongoDB server;
  • port is the port for connecting to MongoDB, standard port: 27017;
  • databaseName is the name of the database;
  • ssl is the use of a secure connection;
  • replicaSet is the replica set number;
  • readPreference is the preferred read mode.

elma365.db.vahterMongoSecret

Secret name with connection to MongoDB for the authorization server (must be manually created, encrypted in Base64).

It should contain the key VAHTER_MONGO_URL.

Important: enabling elma365.db.vahterMongoSecret disables the elma365.db.vahterMongoUrl parameter.

elma365.db.redisUrl

Redis connection string.

Format: redis://user:password@hostname:port/databaseName.

Where:

  • user is the name of the Redis user with rights to the databaseName database;
  • password is the password for the Redis user;
  • hostname is the IP or domain name of the Redis server;
  • port is the port for connecting to Redis, standard port: 6379;
  • databaseName is the name of the database.

elma365.db.redisSecret

Secret name with connection to Redis (must be manually created, encrypted in Base64).

It should contain the key REDIS_URL.

Important: enabling elma365.db.redisSecret disables the elma365.db.redisUrl parameter.

elma365.db.amqpUrl

RabbitMQ connection string.

Format: amqp://user:password@hostname:port/vhost.

Where:

  • user  is the name of the RabbitMQ user with rights to vhost;
  • password  the password for the RabbitMQ user;
  • hostname is the IP or domain name of the RabbitMQ server;
  • port is the port for connecting to RabbitMQ, standard port: 5672;
  • databaseName is the name of the database.

elma365.db.amqpSecret

Secret name with connection to RabbitMQ (must be manually created, encrypted in Base64).

It should contain the key AMQP_URL.

Important: enabling elma365.db.amqpSecret disables the elma365.db.amqpUrl parameter.

Parameters for connecting to S3 file storage

elma365.s3.method

S3 file upload method.

Default value: PUT.

elma365.s3.accesskeyid

S3 server user login.

elma365.s3.secretaccesskey

S3 server user password.

elma365.s3.bucket

S3 bucket name.

Default value: s3elma365.

elma365.s3.backend.address

S3 connection string.

Format: hostname:port.

Where:

  • hostname is the IP or domain name of the S3 server;
  • port is theport for connecting to S3, standard S3 port: 9000.

If the port is not specified:

  • s3.ssl.enabled: false - select port 80;
  • s3.ssl.enabled: true - select port 443.

elma365.s3.backend.region

S3 server location region.

elma365.s3.ssl.enabled

Usage of TLS encryption by the S3 server.

Default value: false.

Available options: true, false.

elma365.s3.dumpurl

S3 server address for backup by the script elma365db.sh.

Format:

  • for S3 in the Kubernetes cluster: http(s)://minio.<namespace>.svc.<cluster.local>;
  • for external S3: http(s)://example.ru:9000.

elma365.s3Secret

Secret name with connection to S3 storage (must be manually created, encrypted in Base64).

Should contain keys S3_BACKEND_ADDRESS, S3_REGION, S3_KEY, S3_SECRET, S3_BUCKET, S3_SSL_ENABLED, S3_UPLOAD_METHOD.

Important: enabling s3Secret disables the following parameters:

  • s3.method;
  • s3.accesskeyid;
  • s3.secretaccesskey;
  • s3.bucket;
  • s3.backend.address;
  • s3.backend.region;
  • s3.ssl.enabled.

Default value: elma365-custom-db-connections.

SMTP server connection parameters:

elma365.mailer.smtp.host

IP or URL address for connecting to the SMTP server.

Default value: " ".

elma365.mailer.smtp.port

Port for connecting to the SMTP server.

Default value: " ".

elma365.mailer.smtp.from

Email address (mailbox name) from which messages will be sent.

Default value: " ".

elma365.mailer.smtp.user

SMTP server user login.

Default value: " ".

elma365.mailer.smtp.password

SMTP server user password.

Default value: " ".

elma365.mailer.smtp.needTLS

Use of TLS encryption by the SMTP server.

Default value: false.

Available options: true, false.

Server script execution parameters

forkAvailableMemorySize

Sets a limit in MB for memory used by one execution fork inside one replica of the worker service.

If the parameter value is not set or is equal to 0, the worker service's operation remains unchanged.

Uncomment and edit the parameters in the values-elma365.yaml configuration file and save the changes.

Step 2: Apply new parameters for ELMA365 Enterprise

Начало внимание

When changing parameters:

  1. Identify the chart version with which the ELMA365 application was installed or updated.
  1. Use the same chart version to apply new parameters to prevent side effects of the update affecting the application's functionality.

Конец внимание

To update the parameters online:

  1. Determine the chart version with which the ELMA365 application was installed:

helm list [-n namespace]

Example of command output:

change-settings-enterprise-1

In the line version, the chart version with which the ELMA365 application was installed is specified. This value needs to be provided for the flag --version (replace <elma365-chart-version>).

  1. Update the ELMA365 application parameters using the configuration file values-elma365.yaml.

helm upgrade --install elma365 elma365/elma365 -f values-elma365.yaml --version <elma365-chart-version> --timeout=30m --wait [-n namespace]

For offline parameter updates without internet access:

Navigate to the directory with the chart with which the ELMA365 application was installed/updated and execute the command:

helm upgrade --install elma365 ./elma365 -f values-elma365.yaml --timeout=30m --wait [-n namespace]

The parameter update takes 10-30 minutes. Wait for the ELMA365 Enterprise application parameters to be updated.

Found a typo? Highlight the text, press ctrl + enter and notify us