Versions Compared

Preliminaries

Create two IAM accounts as described in SHRINE 4.1.0 Chapter 8 - SHRINE's Configuration.

Set up a Kafka server. TODO.

Security configuration for Kafka. TODO

Configuring users for Kafka TODO

Configure the Hub's shrine.conf

...

Tomcat will need the hub's AWS SQS Kafka credentials to send and receive messages. Add your access ID and secret to in Tomcat's password.conf:

shrine.aws.accessKeyId = "HUBAWSKEYID" //the hub's AWS access key id - usually all capitals and numbers
shrine.aws.secretAccessKey = "hubAwsSecretKey" //the hub's AWS secret key - very long, mixed case letters and numbers
TODO


Configure shrineNetworkLifecycle

The shrineNetworkLifecycle needs the admin AWS Kafka credentials to create, modify, and delete AWS SQS Queues Kafka topics. Add that to the shrineNetworkLifecycle's conf/password.conf:

shrine.aws.accessKeyId = "ADMINAWSKEYID" //the admin AWS access key id - usually all capitals and numbers
shrine.aws.secretAccessKey = "AdminAwsSecretKey" //the admin AWS secret key - very long, mixed case letters and numbers
TODO

network.conf

To use AWS SQS Kafka: in network.conf, specify an aws.sqs a Kafka section with the specifics to share with downstream nodes:

shrine {
  network {
    network {
      name = "Network Name"
      hubQueueName = "hub"
      adminEmail = "yourEmail@yourhospital.edu"
      momId = "arn:aws:iam::1234567890:user/your-hub"
      aws.sqskafka = {
        queueOwnerAWSAccountId = "1234567890" //Digits
        networkPrefix = "best-network"
        region = "us-east-1"
      }
todo
    }
    nodes = [
      {
        name = "Hub's node"
        key = "hub-node"
        userDomainName = "network-hub"
        queueName = "hubNode"
        sendQueries = "false"
        adminEmail = "yourEmail@yourhospital.edu"
        momId = "arn:aws:iam::1234567890:user/your-hubtodo"
      }
    ]
  }
}

The hub owns all of the AWS SQS queues. Find the queue owner's account ID - all digits - in the upper right corner of the AWS IAM console page. controls the Kafka topics. TODO

Choose a network prefix. This will be prepended to queue names to allow managing multiple networks in on the same AWS account Kafka cluster.

Use AWS IAM identity names the Kafka user name of the account to receive the messages for the momId. Find this on the AWS IAM > Users > user page. TODO

Note that the network's momId is the same as hub's node momId. Each downstream node will have its own AWS AIM identity from its own AWS account The Kafka admin will make a Kafka account for each downstream node.