What are YAML Files and how do they relate to Identity Suite V15

Products

CA Identity Suite

Issue/Introduction

Identity Suite V15 introduces new control files in a YAML format. What is YAML and how are these files used in Identity Suite v15?

Environment

Identity Suite v15

Resolution

YAML is a human readable markup language. It combines and allows for elements of many different coding languages including, but not limited to, XML, HTML, JSON.
You can get more information on YAML around the internet. A good resource to get started can be found on Redhat's 'What is YAML?' document.

In terms of the v15 Identity Suite we use YAML files to hold all non-default configurations for the Suite's Application Services. These files are read during startup and any configurations found in the YAML files supersede the out of the box default values.

Overall SUITE YAML configuration: /opt/brcm/iga/conf/suite/suite.yaml
User Store YAML configuration: /opt/brcm/iga/conf/ustore/ustore.yaml
Provisioning Directory YAML configuration: /opt/brcm/iga/conf/impd/impd.yaml
Identity Manager YAML configuration: /opt/brcm/iga/conf/idm/idm.yaml
Identity Portal YAML configuration: /opt/brcm/iga/conf/idp/idp.yaml
Identity Governance YAML configuration: /opt/brcm/iga/conf/idg/idg.yaml

EXAMPLE. In this deployment for Identity Manager the following non-default settings have been configured:

Under the General Tab, minimum memory 2048, and Maximum Memory 6144

On the Datasources tab, the Connection URL information and changed the Minimum, Maximum, and Initial database Pools:

And on the Mail tab setup a mail server:

If we review the IDM YAML file, /opt/brcm/iga/conf/idm/idm.yaml

We see all settings that were manually entered

datasources:
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
name: objectstore
password: '{AESGCM}###################################################=='
user: sa
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
init_pool_size: 10
max_pool_size: 250
min_pool_size: 20
name: taskpersistence
password: '{AESGCM}###################################################=='
user: sa
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
name: archive
password: '{AESGCM}###################################################=='
user: sa
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
name: audit
password: '{AESGCM}###################################################=='
user: sa
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
name: reportsnapshot
password: '{AESGCM}###################################################=='
user: sa
- connection_url: jdbc:sqlserver://###.###.#.###:1433;selectMethod=cursor;databaseName=im_db_v15;encrypt=false;trustServerCertificate=true
name: workpoint
password: '{AESGCM}###################################################=='
user: sa
max_heap: 6144
min_heap: 2048
smtpconf:
host: mailserverhost
password: '{AESGCM}############################################'
user: mail_user

Changes made to this file will be loaded into the Services tab for the Application immediately. For example if we update the max heap:

max_heap: 4096

This change is reflected in the Services configuration immediately. A restart of Identity Manager is required for this change to be picked up during the Application Service startup:

Additional Information

There are sample YAML files located under "/opt/brcm/iga/inst/suite/samples" that contain all exposed configurations for each service. These files could be used to manually configure a node without using the igx browser GUI.