|
| 1 | +--- |
| 2 | +tags: |
| 3 | + - Configuration |
| 4 | + - Graph-Insights |
| 5 | + - GraphInsights |
| 6 | +--- |
| 7 | +# Graph Insights |
| 8 | + |
| 9 | +## OAuth configuration |
| 10 | + |
| 11 | +Graph Insights requires authentication similar to Explore and Build (DataIntegration). |
| 12 | +There is the need for a client to authenticate in a browser and a second client to allow inter-component communication. |
| 13 | + |
| 14 | +For convenience, by default we use the same clients as for the rest of the application: |
| 15 | + |
| 16 | +- Client for browser: cmem |
| 17 | +- Client for component communication: cmem-service-account |
| 18 | + |
| 19 | +In case you want to have separate clients for production deployments, have a look at the end of this file. |
| 20 | + |
| 21 | +## Resource consideration |
| 22 | + |
| 23 | +Please refer to [Graph Insights Sizing](../../../deploy-and-configure/requirements/graph-insights-sizing.md) for more information. |
| 24 | + |
| 25 | + |
| 26 | +### Explore configuration |
| 27 | + |
| 28 | +The following two sections are needed for enabling Graph Insights inside Explores configuration. |
| 29 | +In the docker orchestration it is enabled through profiles while in helm we just use one profile. |
| 30 | +We there use helm templating mechanism to render it into the default profile. |
| 31 | + |
| 32 | +``` yaml |
| 33 | +spring.security.oauth2.client.registration.explore-service: |
| 34 | + client-id: cmem-service-account |
| 35 | + client-secret: change-me |
| 36 | + authorization-grant-type: client_credentials |
| 37 | + provider: keycloak |
| 38 | +``` |
| 39 | +
|
| 40 | +``` yaml |
| 41 | +semspect: |
| 42 | + enabled: true |
| 43 | + integration: |
| 44 | + url: http://graphinsights:8080/graphinsights |
| 45 | + externalUrl: ${DEPLOY_BASE_URL}/graphinsights |
| 46 | + automaticResyncCronExpression: "0 0/30 8-10 * * *" |
| 47 | + localDatasetStatePath: /graphinsights/infinispan |
| 48 | + ### Configure either fileShareIntegrationSettings or graph-store-integration-settings |
| 49 | + # fileShareIntegrationSettings: |
| 50 | + localGraphStoragePathExplore: /graphinsights |
| 51 | + # localGraphStoragePathSemspect: /explore-share/ |
| 52 | + graph-store-integration-settings: |
| 53 | + semspect-dataplatform-url: http://explore/dataplatform |
| 54 | +``` |
| 55 | +
|
| 56 | +
|
| 57 | +#### (a) helm configuration |
| 58 | +
|
| 59 | +In helm based deployment you can enable Graph Insights by enable it in your value file. |
| 60 | +Preemptive you have to create a secret containing your license file. |
| 61 | +
|
| 62 | +``` console |
| 63 | +- "kubectl -n cmem create secret generic graphinsights-license --from-file your-graphinsights.lic |
| 64 | +``` |
| 65 | +
|
| 66 | +This enables the plugin. |
| 67 | +
|
| 68 | +``` yaml |
| 69 | +graphinsights: |
| 70 | + enabled: true |
| 71 | +``` |
| 72 | +
|
| 73 | +All needed configuration can be done in the Corporate Memory helm chart `value.yaml` file. |
| 74 | +The configuration mentioned above is rendered with those files, but you usally don't have to touch those: |
| 75 | +
|
| 76 | +- `configuration-files/explore-application.yml` for Explore |
| 77 | +- `configuration-files/cmem.integration.config.yml` for Graph Insights |
| 78 | +
|
| 79 | +For more details please have a look in the helm value file. |
| 80 | +Every configuration is documented there. |
| 81 | +Please refer to [Kubernetes deployments](../../../deploy-and-configure/installation/scenario-k8s-deployment/index.md) for more information. |
| 82 | +
|
| 83 | +#### (b) docker-compose configuration |
| 84 | +
|
| 85 | +In our Corporate Memory docker-orchestration all main configurations can be directed by setting environments |
| 86 | +variables in `environments/config.env`. |
| 87 | +You can find the environments are set as usual in `environments/default.env` and `environments/config.env`. |
| 88 | +
|
| 89 | +``` Makefile |
| 90 | +########################### |
| 91 | +# GRAPH-INSIGHTS SETTINGS # |
| 92 | +########################### |
| 93 | +GRAPHINSIGHTS_JAVA_TOOL_OPTIONS="-XX:UseSVE=0" |
| 94 | + |
| 95 | +# This is the client the user uses to login to Graph Insights in browser |
| 96 | +# for convenience we use the same as CMEM client |
| 97 | +# GRAPHINSIGHTS_OAUTH_CLIENT_ID=graph-insights |
| 98 | +GRAPHINSIGHTS_OAUTH_CLIENT_ID=${OAUTH_CLIENT_ID} |
| 99 | + |
| 100 | +# This is the client ID for the Graph Insights service account but not used |
| 101 | +# due to convienience we use the same as CMEM service account |
| 102 | +GRAPHINSIGHTS_OAUTH_SERVICE_CLIENT_ID=graph-insights-service-account |
| 103 | +GRAPHINSIGHTS_OAUTH_SERVICE_CLIENT_SECRET=changeme |
| 104 | + |
| 105 | +GRAPHINSIGHTS_SERVER_PORT=8080 |
| 106 | +GRAPHINSIGHTS_SERVER_SERVLET_CONTEXT_PATH=/graphinsights |
| 107 | +# in case of subdomain this have to be adjusted. |
| 108 | +GRAPHINSIGHTS_SERVER_FRAME_ANCESTORS=${DEPLOY_BASE_URL} |
| 109 | +GRAPHINSIGHTS_LOGGING_LEVEL_ROOT=DEBUG |
| 110 | +``` |
| 111 | + |
| 112 | +These are used in the configuration files in `conf/explore/application-graphinsights.yml` for Explore settings and |
| 113 | +`conf/graphinsights/cmem.integration.config.yml` for Graph Insights settings. |
| 114 | + |
| 115 | +The deployment definition can be found here `extensions/docker-compose.graphinsights.yml` |
| 116 | + |
| 117 | + |
| 118 | +## Using separate OAuth clients for Graph Insights |
| 119 | + |
| 120 | +TBD |
0 commit comments