Configuring the BPM event emitter against IBM Business Automation Insights

To configure the BPM event emitter against IBM Business Automation Insights, you run the EnableBAI.py script again with a properties file. This file generates the configuration files that are used by the emitter to send events from BPMN processes, BPEL processes, and BPEL human tasks to a Kafka server.

Before you begin

Warning: Failure of IBM Business Automation Insights integration might cause an outage on the Business Automation Workflow system. If Business Automation Insights is down or unresponsive, disable the communication immediately. For more information, see Uninstalling the BPM event emitter.
In the previous phase Installing and configuring the BPM emitter, you ran the EnableBAI.py script to enable subscription to event emission and then you restarted your IBM Business Automation Workflow deployment environment (Dmgr, Node, and servers).

About this task

If you have deployed IBM Business Automation Insights on Kubernetes, you can create a copy of the BAIConfigure.properties template file, which you then edit to match your needs, or you can start from a new file. You can find the BAIConfigure.properties template in the <Workflow_Install_Root>\BPM\Lombardi\tools\def directory.

Procedure

  1. Set the following mandatory properties.
    bpmCellName
    The name of the IBM Business Automation Workflow server cell. This name is used in IBM Business Automation Insights to identify the source of the events.
    DeploymentEnvironmentName
    The Workflow target deployment environment (DE) name. If only one deployment environment is available, set this property to None.
    bootstrapServers
    Set this property to the output of the following command.
    oc get routes -n <namespace> -l app.kubernetes.io/name=kafka | awk '{if($1~/bootstrap/){print "https://"$2}}'
    topicName
    The name of IBM Business Automation Insights ingress topic, prefixed with icp4ba-bai-. The default name is icp4ba-bai-ibm-bai-ingress.
    type
    The type of security configuration to use with Kafka. You must provide a truststore in JKS format.
    1. To retrieve the truststore from the Red Hat OpenShift environment, run the oc get command.
      oc get secret/iaf-system-cluster-ca-cert -o "jsonpath={.data.ca\.crt}" | openssl enc -d -base64 -A > kafka-iaf-ca.crt
    2. To generate the JKS file, run this command.
      keytool -keystore truststore.jks -storetype jks -alias CARoot -import -file kafka-iaf-ca.crt -noprompt -storepass secret
  2. Pass these property values by running the following command. 
    <Dmgr_profile_root>\bin\wsadmin.[bat|sh] -f <Workflow_Install_Root>\BPM\Lombardi\tools\def\EnableBAI.py --update=connection --property="<full_path_to_property_file>"
    This command has the following effects.
    1. The script generates the BPMEventEmitter configuration file to the <profile_root>\config\cells\<cell_name>\nodes\<node_name>\servers\<server_name>\analytics\config directory or to the <profile_root>\config\cells\<cell_name>\clusters\<cluster_name>\analytics\config directory, or to both.
    2. If necessary, the script distributes the SSL-related configuration files to each server instance under <profile_root>\config\cells\<cell_name>\nodes\<node_name>\servers\<server_name>\analytics\config.
    3. The script updates the configuration and synchronizes the nodes.
  3. Restart the BPMEventEmitter application in the WebSphere® Application Server administration console for the new configuration to take effect.

Results

With this configuration, you connect your IBM Business Automation Workflow environment with the Kafka topic that runs on the OpenShift Cloud Platform.

Example

This properties file configures a successful connection of a IBM Business Automation Workflow environment with the Kafka topic that runs on Red Hat OpenShift.
#CommonConfigurations
DeploymentEnvironmentName=De1
bootstrapServers=iaf-system-kafka-bootstrap-ku2103.apps.kuocp.cp.fyre.ibm.com:443
topicName=icp4ba-bai-ibm-bai-ingress
#Customized name for BPM server displayed in BAI
bpmCellName=PCCell1

type=scram_sha_512
trustStore=/tmp/truststore.jks
trustStore.password=secret
username=icp4ba-kafka-auth
password=dc5gk0oCS2vs
If you call the EnableBAI.py script with this BAIConfigure.properties file, you get this BPMEventEmitter.yml file.
blackList:
- "e0eb3ba9-e2ef-32b7-a1b2-d3533a359a62"
- "23d3ecec-6fdb-4033-9c57-e931aa13761f"
- "9645fce4-f4af-450f-8ce3-09d45bdb7920"
- "dbecd816-afed-47b0-ba92-c13256fcb566"

bpmCellName: "PCCell1"

kafkaConfiguration:
    kafka.bootstrap.servers: "iaf-system-kafka-bootstrap-ku2103.apps.kuocp.cp.fyre.ibm.com:443"
    enabled: true
    monitor.topic: "icp4ba-bai-ibm-bai-ingress"
    kafka.client.id: bai-bpmn-event-producer
    kafka.ssl.protocol: TLSv1.2
    kafka.ssl.enabled.protocols: TLSv1.2
    kafka.ssl.truststore.type: JKS
    kafka.ssl.keystore.type: JKS
    kafka.ssl.truststore.location: /opt/ibm/bpm/profiles/Node1Profile/config/cells/PCCell1/nodes/Node1/servers/SingleClusterMember1/analytics/config/truststore.jks
    kafka.ssl.truststore.password: secret
    kafka.security.protocol: SASL_SSL
    kafka.sasl.mechanism: SCRAM-SHA-512
    kafka.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="icp4ba-kafka-auth" password="dc5gk0oCS2vs";