Document toolboxDocument toolbox

Configuring jdbc.properties for Kyvos Manager

Owned by Sarabjeet Kaur
Feb 08, 2024
3 min read

Kyvos Manager supports and uses Postgres as its repository. Data source configuration is set in file jdbc.properties, located at kyvosmanagerdata/server/db/.

By default, Kyvos Manager uses bundled Postgres as its repository. However, in cloud-based deployments, Kyvos Manager also supports using an external repository for AWS RDS, or Flexible server.

  • For automated deployment (default Path), the location of the Kyvos Manager data folder is /data/kyvos/installs/kyvosmanager_war/

  • For non-automated deployments (i.e., on Prem or wizard-based deployments in a cloud environment), its location will be inside the kyvosmanager_war folder that was created initially.

Properties of jdbc.properties

jdbc-related core properties

  • jdbc.driverClassName=org.postgresql.Driver

  • jdbc.dialect=org.hibernate.dialect.PostgreSQLDialect

  • jdbc.url=jdbc:postgresql://localhost:45421/kmrepo

  • jdbc.username=kmdbuser

  • jdbc.password=

 Password encryption-related configuration

  • cryptographyAlgorithm=AES_128_GCM

Cloud-specific configuration properties

  • secretStoreIdentifier=

  • cloudProvider=

  • projectName=

  • serviceAccountName=

  • repoIdentifier=

 Bundled Postgres management-related configuration values

  • useBundledRepo=true

  • homePathBundledRepo=

  • manageBundledRepoService=true

Configuring jdbc.properties

For fresh deployment

  • Automated deployment

    • Bundled Postgres: No manual configuration is necessary in jdbc.properties since it works well with default configuration values provided in jdbc.properties.

    • External Repository (AWS RDS, Flexible server): No manual configuration is required in jdbc.properties as everything is configured automatically.

Note

Whether using bundled Postgres or an external repository, no manual configuration changes are required in the jdbc.properties file.

  • Wizard based deployment

    • Bundled Postgres: No manual configuration changes are required in the jdbc.properties as everything works well with default provided configuration values in jdbc.properties

    • External Repository (AWS (RDS) or Flexible server):

      • Before configuring the jdbc.properties file, ensure that Kyvos Manager is not started.

      • Replace the server name in jdbc url with the server name of the Flexible server, port and SSL.
        For example, jdbc.url=jdbc:postgresql://kyvosmanager-postgresserver-5122.postgres.database.azure.com:5432/kmrepo?sslmode=require

      • jdbc.username should be kmdbuser.

      • Set the value of useBundledRepo and manageBundledRepoService to ‘false.’

Upgrade or Switching

  • Depending on whether switching from bundled to external or external to bundled, set some properties while making values of irrelevant properties blank.

Changing jdbc.properties

Case 1

To use an external repository for Kyvos Manager either during fresh deployment or upgrade or switching to an external repository as a Kyvos Manager repository, in this case, you must update the following properties in the jdbc.properties file.

  • Set the value of useBundledRepo and manageBundledRepoService to ‘false.’

  • jdbc.url

  • repoIdentifier

Important

When you switch to an external repository, such as the Kyvos Manager repository, while currently using bundled Postgres, data migration from the bundled Postgres to the external repository becomes a prerequisite and a manual activity.

Case 2

Update the following properties when migrating from external repository to bundled Postgres:

  • Set the value of useBundledRepo and manageBundledRepoService to true.

  • Set the appropriate value for the homePathBundledRepo property.

  • Specify the jdbc.url

  • Leave the external repository-related properties blank.

Important

When you switch to a bundled repository as the Kyvos Manager repository while currently using the external repository, data migration from the external repository to a bundled repository becomes a prerequisite and a manual activity.

Case 3

Update the following properties when migrating from Flexible Server to Single Server:

  • jdbc.url

  • jdbc.username

Other properties

The username and password must be updated if they are not the default.

  • jdbc.username=kmdbuser

  • jdbc.password=

    • During Kyvos Manager bootup or cluster deployment, it will be encrypted even if a password is added in plain text. If a plain text password is provided, ensure that the value for the property cryptographyAlgorithm is blank.

    • After restarting Kyvos Manager or completing the cluster deployment, if the specified password is used, it will also be moved to the secret used in the cluster.

After the cluster deployment, the following properties automatically configured through Kyvos Manager if external repository is in use as Kyvos Manager repository.

  • secretStoreIdentifier

  • cloudProvider

  • projectName

  • serviceAccountName

 

Copyright Kyvos, Inc. All rights reserved.