Product Administration Guide
If you are a product administrator, the following content will provide an overview of the administration tasks that you need to perform when working with WSO2 Governance Registry (WSO2 G-Reg).
Upgrading from a previous release
If you are upgrading from WSO2 G-Reg 5.3.0 to WSO2 G-Reg 5.4.0 version, see the upgrading instructions for WSO2 Governance Registry.
Changing the default database
By default, WSO2 products are shipped with an embedded H2 database, which is used for storing user management and registry data. We recommend that you use an industry-standard RDBMS such as Oracle, PostgreSQL, MySQL, MS SQL, etc. when you set up your production environment. You can change the default database configuration by simply setting up a new physical database and updating the configurations in the product server to connect to that database.
You need to set up the databases for WSO2 G-Reg as given in the below table. For instructions on setting up and configuring databases, see Working with Databases in the WSO2 Administration Guide.
Datasource name | Purpose | Availability of the datasource | Default location of the datasource or where to create it |
---|---|---|---|
WSO2_CARBON_DB | This datasource is configured to point to a relational database, which is used to store data related to the registry and user management of WSO2 G-Reg. | Available by default. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
WSO2AM_DB | This datasource is configured to point to a relational database, which is used to store data related to managing APIs. The | Available by default. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
WSO2REG_DB | This datasource is configured to point to a relational database, which is used to store data related to configurations and governance registry mounts. | Need to create it. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
WSO2UM_DB | This datasource is configured to point to a shared relational database, which will act as the JDBC user store and authorization manager. | Need to create it. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
WSO2BAM_DATASOURCE | This datasource is configured to point to a relational database, which is used for storing the results of the Hive analysis job. The | Available by default. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
JAGH2 | This datasource is configured to point to a relational database, which is used for storing data related to any Jaggery applications that are used in WSO2 G-Reg. | Available by default. | <G-REG_HOME>/repository/conf/datasources/master-datasources.xml file |
BPS_DS | This datasource is configured to point to a relational database, which is used for storing data related to any business workflows. | Available by default. | <G-REG_HOME>/repository/conf/datasources/bps-datasources.xml file |
WSO2_SOCIAL_DB | This datasource is configured to point to a relational database, which is used to persist data of Store-side social activities (e.g., comments, rating, likes etc.). | Available by default. | <G-REG_HOME>/repository/conf/datasources/social-datasources.xml file |
WSO2_METRICS_DB | This datasource is configured to point to a relational database, which is used for storing data related to performance metrics of the JVM instances. | Available by default. | <G-REG_HOME>/repository/conf/datasources/metrics-datasources.xml file |
Configuring users, roles and permissions
The user management feature in your product allows you to create new users and define the permissions granted to each user. You can also configure the user stores that are used for storing data related to user management.
- For instructions on how to configure user management, see Working with Users, Roles and Permissions in the WSO2 Administration Guide.
- For information on user roles and permissions that are specific to WSO2 G-Reg functionality, see User Roles and Permissions.
Configuring multitenancy
You can create multiple tenants in your product server, which will allow you to maintain tenant isolation in a single server/cluster. For instructions on configuring multiple tenants for your server, see Working with Multiple Tenants in the WSO2 Administration Guide.
Configuring security
After you install WSO2 G-Reg, it is recommended to change the default security settings according to the requirements of your production environment. As WSO2 G-Reg is built on top of the WSO2 Carbon Kernel (version 4.4.7), the main security configurations applicable to G-Reg are inherited from the Carbon Kernel.
For instructions on configuring security in your server, see the following topics in the WSO2 Administration Guide.
- Configuring Transport-Level Security
- Using Asymmetric Encryption
- Using Symmetric Encryption
- Enabling Java Security Manager
- Securing Passwords in Configuration Files
- Resolving Hostname Verification
Performance tuning
You can optimize the performance of your WSO2 server by using configurations and settings that are suitable to your production environment. At a basic level, you need to have the appropriate OS settings, JVM settings etc. Since WSO2 products are all based on a common platform called Carbon, most of the OS, JVM settings recommended for production are common to all WSO2 products. Additionally, there will be other performance enhancing configuration recommendations that will depend on very specific features used by your product.
- For instructions on the Carbon platform-level performance tuning recommendations, see Performance Tuning in the WSO2 Administration Guide.
- For instructions on performance tuning recommendations that are specific to WSO2 G-Reg functionality, see Performance Tuning Recommendations.
Changing the default ports
When you run multiple WSO2 products, multiple instances of the same product, or multiple WSO2 product clusters on the same server or virtual machines (VMs), you must change their default ports with an offset value to avoid port conflicts.
For instructions on configuring posts, see Changing the Default Ports in the WSO2 Administration Guide.
Installing, uninstalling and managing product features
Each WSO2 product is a collection of reusable software units called features where a single feature is a list of components and/or other feature. By default, WSO2 MB is shipped with the features that are required for your main use cases.
For information on installing new features, or removing/updating an existing feature, see Working with Features in the WSO2 Administration Guide.
Customizing error pages
You can make sure that sensitive information about the server is not revealed in error messages, by customizing the error pages in your product.
For instructions, see Customizing Error Pages in the WSO2 Administration Guide.
Customizing the management console
Some of the WSO2 products, such as WSO2 G-Reg consist of a web user interface named the management console. This allows administrators to configure, monitor, tune, and maintain the product using a simple interface. You can customize the look and feel of the management console for your product.
For instructions, see Customizing the Management Console in the WSO2 Administration Guide.
Applying patches
For instructions on applying patches (issued by WSO2), see WSO2 Patch Application Process in the WSO2 Administration Guide.
Working with Composite Applications (C-Apps)
For information on the concept of 'Composite Applications' (C-Apps) and about how C-Apps can be deployed and managed, see Working with Composite Applications in the WSO2 Administration Guide.
Monitoring the server
Monitoring is an important part of maintaining a product server. Listed below are the monitoring capabilities that are available for WSO2 G-Reg.
- Monitoring logs: A properly configured logging system is vital for identifying errors, security threats and usage patterns in your product server. For instructions on monitoring the server logs, see Monitoring Logs in the WSO2 Administration Guide.
- Monitoring using WSO2 metrics: WSO2 G-Reg is shipped with JVM Metrics, which allows you to monitor statistics of your server using Java Metrics. For instructions on setting up and using Carbon metrics for monitoring, see Using WSO2 Metrics in the WSO2 Administration Guide.
- JMX-based Monitoring: For information on monitoring your server using JMX, see JMX-based monitoring in the WSO2 Administration Guide.
Starting the product using parameters
For instructions on the startup options that are available for all WSO2 products, see Product Startup Options in the WSO2 Administration Guide.
In addition to that, there are following system properties that can be set to the JAVA virtual machine, when starting the Governance Registry server:
Monitoring TCP-Based messages
You can view and monitor the messages passed along a TCP-based conversation using the TCPMon utility in the WSO2 Carbon base platform. For more information on the TCPMon tool, see Monitoring TCP-Based Messages in the WSO2 Administration Guide.