If you are a product administrator, the following content will provide an overview of the administration tasks that you need to perform when working with WSO2 Governance Registry (WSO2 G-Reg).
Upgrading from a previous release
If you are upgrading from WSO2 G-Reg 5.2.0 to WSO2 G-Reg 5.3.0 version, see the upgrading instructions for WSO2 Governance Registry.
Changing the default database
By default, WSO2 products are shipped with an embedded H2 database, which is used for storing user management and registry data. We recommend that you use an industry-standard RDBMS such as Oracle, PostgreSQL, MySQL, MS SQL, etc. when you set up your production environment. You can change the default database configuration by simply setting up a new physical database and updating the configurations in the product server to connect to that database.
For instructions on setting up and configuring databases, see Working with Databases in the WSO2 Administration Guide.
Configuring users, roles and permissions
The user management feature in your product allows you to create new users and define the permissions granted to each user. You can also configure the user stores that are used for storing data related to user management.
- For instructions on how to configure user management, see Working with Users, Roles and Permissions in the WSO2 Administration Guide.
- For information on user roles and permissions that are specific to WSO2 G-Reg functionality, see User Roles and Permissions.
You can create multiple tenants in your product server, which will allow you to maintain tenant isolation in a single server/cluster. For instructions on configuring multiple tenants for your server, see Working with Multiple Tenants in the WSO2 Administration Guide.
After you install WSO2 G-Reg, it is recommended to change the default security settings according to the requirements of your production environment. As WSO2 G-Reg is built on top of the WSO2 Carbon Kernel (version 4.4.7), the main security configurations applicable to G-Reg are inherited from the Carbon Kernel.
For instructions on configuring security in your server, see the following topics in the WSO2 Administration Guide.
- Configuring Transport-Level Security
- Using Asymmetric Encryption
- Using Symmetric Encryption
- Enabling Java Security Manager
- Securing Passwords in Configuration Files
- Resolving Hostname Verification
You can optimize the performance of your WSO2 server by using configurations and settings that are suitable to your production environment. At a basic level, you need to have the appropriate OS settings, JVM settings etc. Since WSO2 products are all based on a common platform called Carbon, most of the OS, JVM settings recommended for production are common to all WSO2 products. Additionally, there will be other performance enhancing configuration recommendations that will depend on very specific features used by your product.
- For instructions on the Carbon platform-level performance tuning recommendations, see Performance Tuning in the WSO2 Administration Guide.
- For instructions on performance tuning recommendations that are specific to WSO2 G-Reg functionality, see Performance Tuning Recommendations.
Changing the default ports
When you run multiple WSO2 products, multiple instances of the same product, or multiple WSO2 product clusters on the same server or virtual machines (VMs), you must change their default ports with an offset value to avoid port conflicts.
For instructions on configuring posts, see Changing the Default Ports in the WSO2 Administration Guide.
Installing, uninstalling and managing product features
Each WSO2 product is a collection of reusable software units called features where a single feature is a list of components and/or other feature. By default, WSO2 MB is shipped with the features that are required for your main use cases.
For information on installing new features, or removing/updating an existing feature, see Working with Features in the WSO2 Administration Guide.
Customizing error pages
You can make sure that sensitive information about the server is not revealed in error messages, by customizing the error pages in your product.
For instructions, see Customizing Error Pages in the WSO2 Administration Guide.
Customizing the management console
Some of the WSO2 products, such as WSO2 G-Reg consist of a web user interface named the management console. This allows administrators to configure, monitor, tune, and maintain the product using a simple interface. You can customize the look and feel of the management console for your product.
For instructions, see Customizing the Management Console in the WSO2 Administration Guide.
For instructions on applying patches (issued by WSO2), see WSO2 Patch Application Process in the WSO2 Administration Guide.
Working with Composite Applications (C-Apps)
For information on the concept of 'Composite Applications' (C-Apps) and about how C-Apps can be deployed and managed, see Working with Composite Applications in the WSO2 Administration Guide.
Monitoring the server
Monitoring is an important part of maintaining a product server. Listed below are the monitoring capabilities that are available for WSO2 G-Reg.
- Monitoring logs: A properly configured logging system is vital for identifying errors, security threats and usage patterns in your product server. For instructions on monitoring the server logs, see Monitoring Logs in the WSO2 Administration Guide.
- Monitoring using WSO2 metrics: WSO2 G-Reg is shipped with JVM Metrics, which allows you to monitor statistics of your server using Java Metrics. For instructions on setting up and using Carbon metrics for monitoring, see Using WSO2 Metrics in the WSO2 Administration Guide.
- JMX-based Monitoring: For information on monitoring your server using JMX, see JMX-based monitoring in the WSO2 Administration Guide.
Starting the product using parameters
For instructions on the startup options that are available for all WSO2 products, see Product Startup Options in the WSO2 Administration Guide.
In addition to that, there are following system properties that can be set to the JAVA virtual machine, when starting the Governance Registry server:
- carbon.registry.character.encoding - This property indicates the character encoding used by the server. For example, set this property to Windows-1251 to use Cyrillic characters or Windows-1255 for Hebrew characters. This property accepts the name of the character set encoding.
- carbon.registry.clean - This property can be set to clean-up the /_system/config/repository and /_system/local/repository collections. This property accepts no value.
- carbon.registry.ignore.conflicts - This property can be set to prevent .mine and .server files being recorded to the server during a sychronization operation. This property accepts values true and false.
- carbon.registry.statistics.operations - This property is used only when statistics logging has been enabled. Set this system property to restrict the types of operations for which statistics are logged. This property accepts a list of comma separated operation names.
- carbon.registry.statistics.output.queries.executed - This property is used only when statistics logging has been enabled. Set this system property to log actual SQL queries that were executed. This property accepts values true and false.
- carbon.registry.statistics.preserve.duplicate.table.accesses - This property is used only when statistics logging has been enabled. Set this system property if you want to preserve duplicate table-access records. This property accepts values true and false.
- carbon.repo.write.mode - This property can be set to indicate whether the server is in READ or READ-WRITE mode. Set this to true for READ-WRITE mode. This is a useful property when making API calls. This property accepts values true and false.
- disable.event.handlers - This property can be set if you want to disable the default event handlers. Please note that this will stop event generation in the registry. This property accepts values true and false.
- onetime.email.verification - This property can be set to enable one time e-mail verification. This property accepts values true and false.
- setup - This property can be set to generate the registry database schema if it does not exist. Please note that this property has no effect if the schema already exists. This property accepts no value.
- uddi - This property can be used to enable the inbuilt UDDI registry. This property accepts the value enable.
Monitoring TCP-Based messages
You can view and monitor the messages passed along a TCP-based conversation using the TCPMon utility in the WSO2 Carbon base platform. For more information on the TCPMon tool, see Monitoring TCP-Based Messages in the WSO2 Administration Guide.