Lead your team forward
OCT 24 / 9AM ET Register nowMMM Configuration
In on-premise deployments, the following properties configure Metadata Management Module (MMM) and are provided in the mmm-backend/etc/application.properties
file.
In addition, the following properties can be specified for MMM as well:
Basic settings
Property | Data type | Description |
---|---|---|
|
String |
The number of the port where the Metadata Server is running. Default value: |
Keycloak authentication
Property | Data type | Description |
---|---|---|
|
String |
The URL of the server where Keycloak is running. Default value: |
|
String |
The name of the Keycloak realm. Default value: |
|
String |
The type of client token authentication.
Valid values: Default value: |
|
String |
The client identifier used to verify the admin user’s authorization token. Default value: |
|
String |
The secret key of the client identifier for the admin account.
Secret keys can be generated using Keycloak.
Used by Default value: |
|
String |
The password of the keystore used for |
|
String |
The type of the keystore used for Default value: |
|
String |
The password of the keystore.
Used for |
|
String |
The private key name specified in the keystore used for The default value is the client identifier. |
|
String |
The password for the private key. Used if the private key is encrypted. The default value is the keystore password. |
|
String |
Specifies for how long the JWT token used for authentication in Keycloak remains valid.
Used for Default value: |
|
String |
The type of client token authentication.
Valid values: Default value: |
|
String |
The client identifier. Used to verify a user’s authorization token and to log in a user. Default value: |
|
String |
The secret key of the client.
Secret keys can be generated using Keycloak.
Used by Default value: |
|
String |
Points to the keystore used for |
|
String |
The type of the keystore used for Default value: |
|
String |
The password of the keystore.
Used for |
|
String |
The private key name specified in the keystore used for The default value is the client identifier. |
|
String |
The password for the private key. Used if the private key is encrypted. The default value is the keystore password. |
|
String |
Specifies for how long the JWT token used for authentication in Keycloak remains valid.
Used for Default value: |
|
String |
Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer. Default value: |
|
String |
The expected recipients of the JWT token. Used for validating the token. |
|
String |
Defines for how long public keys retrieved from Keycloak are cached. Default value: |
|
String |
Defines the minimum time interval between two requests for retrieving new public keys from Keycloak. This helps prevent Denial-of-Service (DoS) attacks. Default value: |
gRPC Server
General settings
Property | Data type | Description |
---|---|---|
|
Number |
The number of the port where the gRPC server is running. Default value: |
|
String |
Limits the size of messages that the gRPC server can process. Default value: |
Authentication
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables basic authentication on the gRPC Server. Default value: |
|
Boolean |
Enables bearer authentication on the gRPC Server. Default value: |
|
Boolean |
Enables internal JWT token authentication on the gRPC Server. Default value: |
|
Boolean |
Enables mTLS authentication on the gRPC Server. Default value: |
TLS/mTLS
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables TLS authentication on the gRPC server. Default value: |
|
String |
Defines whether mutual TLS authentication is needed.
Valid values: When set to |
|
String |
The full path to the TLS certificate, for example, |
|
String |
The full path to the private key of the certificate, for example, |
|
String |
The full path to the public certificate of the root certificate authority, for example, |
gRPC Client
General settings
Property | Data type | Description |
---|---|---|
|
String |
Limits the size of messages that the gRPC client can process. Default value: |
TLS/mTLS
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables TLS authentication on the gRPC client. Default value: |
|
Boolean |
Enables mutual TLS authentication between the server and the client. Default value: |
|
String |
The full path to the TLS certificate, for example, |
|
String |
The full path to the private key of the certificate, for example, |
|
String |
The full path to the public certificate of the root certificate authority, for example, |
MMM general settings
Property | Data type | Description |
---|---|---|
|
Boolean |
If set to |
|
Boolean |
If set to |
|
String |
Defines how often a compare session should be marked as still in use. A compare session is created when a user chooses to compare two nodes and can be accessed in subsequent requests but not indefinitely. The time interval specified here should be significantly lower than the expiration period. Default value: |
|
String |
Defines the time period after which a compare session is considered expired starting from the last time the session was in use. Expired sessions are pruned according to the pruning schedule. Default value: |
|
String |
Defines the time period after which a compare session is pruned from the database starting from the last time the session was in use. The time interval specified here must be greater than the expiration period. Default value: |
|
String |
Defines how often the server attempts pruning compare sessions from the database. Default value: |
|
String |
Defines how often the server attempts to detect new migration requests. Default value: |
|
String |
Defines for how long a node remains read-only if a new MMD model is published. After this period expires, the migration of database schemas starts, which makes the application temporarily unavailable. The time interval specified here needs to be long enough so that all running database transactions can be successfully completed. Default value: |
|
Boolean |
Determines whether migration is performed using the new upgrade runner ( Default value: |
|
Boolean |
Exposes the HTTP endpoint for exporting MMM data. The user must have the Default value: |
MMM database
Property | Data type | Description |
---|---|---|
|
String |
A JDBC connection string pointing to the MMM database. Default value: |
|
String |
The username for the MMM database. Default value: |
|
String |
The password for the MMM database. Default value: Encrypted version of the same value: |
|
Number |
The maximum number of connections, both active and idle, that can be kept in the connection pool. Default value: |
|
Number |
Defines for how long a connection can remain unoccupied outside of the connection pool before a possible connection leak is logged. Expressed in milliseconds. Default value: |
MMM backup database
The following properties are used for metadata backup and restore purposes.
If the properties are not specified, the values are instead derived from the properties spring.datasource.url
and ataccama.one.mmm.backup.postgres.database-name
.
Setting these properties is preferable only in cases when they cannot be computed from the former configuration.
Property | Data type | Description |
---|---|---|
|
String |
The name of the database used for backing up MMM data if PostgreSQL is used. If not set, the name is created by adding a prefix to the name of the MMM database. Default value: |
|
String |
A JDBC connection string pointing to the MMM backup database if PostgreSQL is used.
If not set, the default URL is created based on the URL of the MMM database ( Default value: |
|
String |
The username for the MMM backup database if PostgreSQL is used.
If not set, the username for connecting to the MMM database is used instead ( Default value: |
|
String |
The password for the MMM backup database if PostgreSQL is used.
If not set, the password for connecting to the MMM database is used instead ( Default value: |
High availability
Currently, high availability (HA) in MMM functions in active/passive mode, which means that it includes one active instance and multiple passive instances on standby. As such, the high availability setup does not increase the throughput; it only increases availability.
The high availability setup is intended mainly for self-managed deployments. |
In order to use high availability in MMM, the following requirements must be in place:
-
A dedicated database for HA synchronization (by default:
mmm_ha
). -
An additional port must be open for monitoring (by default:
8024
). -
Multiple MMM instances must be set up with a load balancer pointing to the new health monitoring endpoint.
The following properties are used to enable and configure the HA mode in MMM.
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables the high availability setup in MMM. Default value: |
|
String |
A JDBC connection string pointing to the high availability database. Default value: |
|
String |
The username for the high availability database. Default value: |
|
String |
The password for the high availability database. Default value: |
|
String |
The initial sleep period before a new leader election begins. If the value is set differently on each instance, this can be used to prioritize which instance becomes active provided that there are no issues preventing that. Default value: |
|
String |
Specifies how often a new active leader is elected. This affects how quickly a failed instance can be recognized and handled. The time until a new leader is elected must be shorter or equal than the sum of this interval ( Default value: |
DPM and Executor
Property | Data type | Description |
---|---|---|
|
String |
The IP address or the hostname of the server where DPM is running. Default value: |
|
Number |
The port where DPM is running. Default value: |
|
Number |
The initial interval between reconnection attempts, expressed in milliseconds. The total time between retries is calculated as the product of the initial interval in milliseconds and the interval multiplier exponentiated by the number of the retry attempt (initialIntervalMs * intervalMultiplier ^ attemptNumber). Default value: |
|
Number |
The multiplier of the initial time interval between reconnection attempts. The total time between retries is calculated as the product of the initial interval in milliseconds and the interval multiplier exponentiated by the number of the retry attempt (initialIntervalMs * intervalMultiplier ^ attemptNumber). Default value: |
|
Number |
The time interval after which the connection is considered stable and the retry policy is reset. A connection is considered stable if there are no errors communicating with DPM during this period. Expressed in milliseconds. Default value: |
|
Number |
The maximum number of threads that can be used for processing events coming from DPM. Default value: |
|
Number |
The minimum number of threads that need to be kept alive at all times. These threads are dedicated only to processing events coming from DPM. Default value: |
|
String |
Defines the amount of time after which the token generated by the internal JWT generator expires. If the token expires too fast, this can lead to the following error: “UNAUTHENTICATED: Expired JWT”. Keep in mind that extending the validity of the JWT token can potentially lead to security issues as the subscription can remain active even after the token has been revoked. Default value: |
|
String |
Defines the amount of time after which the streaming token generated by the internal JWT generator expires. If the token expires too fast, this can lead to the following error: “UNAUTHENTICATED: Expired JWT”. Keep in mind that extending the validity of the JWT token can potentially lead to security issues as the subscription can remain active even after the token has been revoked. Default value: |
Job processing
Property | Data type | Description |
---|---|---|
|
Number |
The maximum number of threads that can be used for job canceling requests in case the dedicated queue is full. Default value: |
|
Number |
The minimum number of threads that need to be kept alive at all times unless the timeout is configured. These threads are used only for job canceling requests. Default value: |
|
Number |
The number of requests that the queue for job canceling requests can contain. Once the limit is reached, the number of threads in the pool increases to the maximum thread count. Default value: |
|
Boolean |
Enables timeout for core threads in the pool for job canceling requests. In this case, the pool prioritizes starting core threads over adding requests to the pool queue. Default value: |
|
String |
Determines whether running jobs that were started in a previous session should be recovered or canceled on the application start. In other words, the property adds a possibility to disable disaster recovery for jobs. The following options are available:
Default value: |
Monitoring projects
Property | Data type | Description |
---|---|---|
|
Boolean |
If set to For more information about custom retention configuration, which is managed through the web application, see Monitoring Project Results, Reports, and Notifications. Default: |
|
String |
Sets how often the the application should check for results older than the defined retention period. Default value: |
|
Number |
Decides the maximum number of DPEs that are utilized by a single monitoring project DQ job. Default value: |
|
Boolean |
Decides if rule suggestions are enabled in monitoring projects. Default value: |
Relationships graph
Property | Data type | Description |
---|---|---|
|
String |
Enables using external lineage for relationship graphs. |
|
String |
A JDBC connection string pointing to the external lineage database. Default value: |
|
String |
The JDBC driver class name for the external lineage database. The driver must be on the application classpath. Default value: |
|
String |
The username for the external lineage database. Default value: |
|
String |
The password for the external lineage database. Default value: |
|
String |
The name of the table containing external catalog items. Default value: |
|
String |
The name of the table containing external attributes. Default value: |
|
String |
The name of the table containing external edges. Default value: |
RDM connection
Property | Data type | Description |
---|---|---|
|
String |
The URL of the RDM GraphQL endpoint that is used for deploying configuration to RDM. Default value: |
Profiling plugin
Property | Data type | Description |
---|---|---|
|
Number |
The total number of values for count statistics that should be stored. Applies separately to each of the following categories: frequency analysis performed on attribute level, and the related frequency groups, masks, and patterns. Default value: The maximum allowed value is |
|
Number |
The number of catalog items for which metadata is retrieved in a single batch for preprocessing purposes. Before profiling starts, catalog item metadata needs to be imported, which is done in batches. A higher value improves profiling performance but can lead to issues with insufficient memory. Default value: |
Drillthrough
Drillthrough data refers to invalid samples (data) and results of DQ (failed rules and explanations). |
Property | Data type | Description | ||
---|---|---|---|---|
|
Number |
Defines how long the drillthrough cache stores data. Expressed in minutes. Default value: |
||
|
Number |
Configures the size of the drillthrough in-memory cache. Expressed in megabytes. Default value: |
||
|
String |
Defines for how long drillthrough data is stored. By default, it is never removed.
Default value: |
||
|
String |
Configures how often drillthroughs are removed.
Should be configured with regard to Default value: |
||
|
String |
The name of the bucket in the Object Storage where drillthroughs are stored.
Default value: |
||
|
Boolean |
Enables records encryption of invalid samples in shared file system. Default value: |
ONE Object Storage
The following section contains only MMM-specific ONE Object Storage properties. For more information about how to set up ONE Object Storage and an overview of the properties shared with DPM and DPE modules, refer to ONE Object Storage Configuration.
Property | Data type | Description |
---|---|---|
|
String |
A relative path to the folder containing files that should be uploaded to the object storage. |
|
String |
A URL pointing to the ZIP file that should be used for data import. |
|
String |
Defines how the application behaves in case of an issue with data import. Available options are as follows:
Default value: |
Lookups
Property | Data type | Description |
---|---|---|
|
String |
Configures how often to cancel lookup upload jobs that have exceeded the timeout defined in the Default value: |
|
String |
The expiration timeout for lookup upload jobs.
Jobs older that this are canceled based on the frequency defined in the Default value: |
Core settings
Property | Data type | Description |
---|---|---|
|
String |
Points to the folder containing the basic data that should be loaded into the application on startup. Default value: |
|
String |
Points to the folder containing the demo data that should be loaded into the application on startup. Default value: |
Notifications
Property | Data type | Description |
---|---|---|
|
Number |
The maximum number of notifications per GraphQL subscription that are cached on the backend before they are sent to the frontend. Default value: |
SQL catalog items
Property | Data type | Description |
---|---|---|
|
Boolean |
Controls whether the SQL catalog items feature is available in the application. Enforces capability 'dsl-query-catalog-items' on generic API level. Default value: |
Thread monitor
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables the thread monitor.
If set to Default value: |
|
String |
Sets how often long running threads are sampled. The relevant statistics are periodically printed. Default value: |
|
Boolean |
Exposes the thread monitor metrics. Default: |
|
String |
A comma-separated list of regular expressions that are applied to stack trace elements. Only the matched elements are printed to the stack trace log. Default value: |
|
String |
A comma-separated list of regular expressions that are applied to stack trace elements. The matched elements are not printed to the stack trace log. Default value: |
|
Boolean |
Enables long running thread detection for the (default) pool. Default settings can be overridden for a specific pool. Default value: |
|
String |
Defines the threshold for long running threads. All threads running longer than the limit are considered as long running and reported. Default settings can be overridden for a specific pool. Default value: |
|
Boolean |
Enables logging all details for the thread pool, including the stack trace of long running threads. Default settings can be overridden for a specific pool. Default value: |
GraphQL
Property | Data type | Description |
---|---|---|
|
Boolean |
If set to |
|
Boolean |
To log requests made to GraphQL endpoints, set to |
|
String |
Used to filter logs by the URL.
If set to Default value: |
|
Boolean |
Defines if logs for GraphQL endpoints store the request’s HTTP headers.
To log headers, set the value to Default value: |
|
Boolean |
Defines if logs for GraphQL endpoints store the request’s payload.
To log payloads, set the value to Default value: |
|
Number |
Sets the maximum length of the request’s payload expressed in characters. When the request’s payload exceeds this number, the payload is truncated and logs store only the characters within the limit. Default value: |
|
Boolean |
Defines if logs for GraphQL endpoints store the query string parameters sent with the request.
To log query string parameters, set the value to Default value: |
|
Boolean |
Defines if logs for GraphQL endpoints store information about the client that made the request.
To log client information, set the value to Default value: |
|
String |
A list of HTTP headers that are masked in the logs. This is used to prevent leaking sensitive data, such as authentication tokens. Default value: |
|
String |
Configures the logging level for GraphQL requests and responses.
To enable logging, must be set to |
|
Boolean |
Enables introspection in GraphQL. When enabled, the introspection can be allowed for users (configured based on the type of user and role) and for headers. At least one user or header configuration must match for introspection to be allowed. See the following introspection properties for the configuration options. Default value: |
|
String |
Defines the type of user that can use introspection in GraphQL. You can set this property to one of the following options:
|
|
String |
Defines which roles can use introspection in GraphQL if the |
|
String |
Defines the headers under which introspection is allowed for a specific request.
Note that configuring headers typically requires that the user cannot specify the header (stripped by ingress).
For example, |
|
Boolean |
If set to |
|
Boolean |
Enables logging query parts.
Applies only if GraphQL requests are logged as well ( |
|
Boolean |
Enables logging query variables.
Applies only if GraphQL requests are logged as well ( |
|
Boolean |
Enables logging the operation names.
Applies only if GraphQL requests are logged as well ( |
|
Boolean |
If set to |
|
Boolean |
Enables logging result parts.
Applies only if GraphQL responses are logged as well ( |
|
Boolean |
Enables logging the stack trace if an exception is thrown.
Applies only if GraphQL responses are logged as well ( |
|
String |
A regular expression pattern used for masking sensitive information in MMM logs related to GraphQL. When there is a match, that field is redacted from the GraphQL request or response. |
|
Boolean |
If set to Default value: |
|
Boolean |
If set to Default value: |
|
String |
Determines whether fields are measured.
Can be overridden in GraphQL annotation unless it is disabled.
Possible values: Default value: |
|
Boolean |
If set to Default value: |
User Provider plugin
Property | Data type | Description |
---|---|---|
|
String |
A cron expression used to schedule user synchronization between Keycloak and MMM.
Disabled by default ( Cron expressions in Spring format use six space-separated fields representing the following: second, minute, hour, day of the month, month, and day of the week.
For example, to run the synchronization every day at midnight, set the property to Default value: |
|
String |
Configures the minimum period of time between two user synchronization attempts. If user synchronization is invoked immediately after the previous synchronization, the second invocation is skipped as it is considered unnecessary. Default value: |
|
Boolean |
Enables user synchronization with the identity provider (IDP) on application startup. Default value: |
|
String |
Defines how user synchronization is handled after migrating from one instance of Keycloak to another. By default, users are synchronized by the Keycloak identifier. However, new identifiers are assigned after migration. The following options are available for merging users:
Default value: |
Flow events
The following properties configure how many flow events can be processed simultaneously. Flow events are events that are used internally in documentation flows and monitoring projects (for example, they are raised when profiling is finished).
Property | Data type | Description |
---|---|---|
|
Number |
The initial number of threads in the flow event handler thread pool. Default value: |
|
Number |
The maximum number of threads in the flow event handler thread pool. New threads are spawned only when the queue size exceeds its capacity. Default value: |
|
Number |
The number of tasks that the flow event handler thread pool queue can contain. New threads are added only if the queue size is greater than this threshold. If no new threads can be created, the event handler can be rejected. Default value: |
External events
Property | Data type | Description |
---|---|---|
|
Number |
The number of threads used for processing external events. Default value: |
|
String |
Configures how often old subscriptions are checked for and deleted. Default value: |
|
String |
Defines for how long offline subscriptions are retained. The longer the period, the more historical events are stored, which allows clients to occasionally reconnect. On the other hand, retaining a large number of one-time subscriptions that have not been fully unsubscribed increases the amount of data kept in the internal database. Default value: |
|
Number |
The maximum number of subscribers that can be registered simultaneously. When the limit has been reached, new subscriptions are automatically rejected. Default value: |
|
Number |
The number of events that can be stored for each subscriber. Once the limit is reached, the oldest events are discarded. Default value: |
Scheduler
Property | Data type | Description |
---|---|---|
|
Number |
The initial number of threads in the scheduler thread pool. Default value: |
|
Number |
The maximum number of threads in the scheduler thread pool. New threads are spawned only when the queue size exceeds its capacity. Default value: |
|
Number |
The number of tasks that the executor queue can contain. New threads are added only if the queue size is greater than this threshold. If no new threads can be created, jobs can be rejected. Default value: |
Components
Property | Data type | Description |
---|---|---|
|
String |
The version of components that MMM generates for ONE Desktop. Used in component rules, virtual catalog items, monitoring and post-processing plans. Default value: |
Audit
Property | Data type | Description |
---|---|---|
|
Boolean |
Enables auditing. |
|
String |
A JDBC connection string pointing to the database where audit logs are stored. Default value: |
|
String |
The username for the audit database. Default value: |
|
String |
The password for the audit database. Default value: |
SMTP server
Property | Data type | Description | ||
---|---|---|---|---|
|
String |
The URL or the hostname where the SMTP server is running. Default value: |
||
|
Number |
The port where the SMTP server is running. Default value: |
||
|
String |
The username for the SMTP server. Default value: |
||
|
String |
The password for the SMTP server. Default value: |
||
|
Boolean |
Enables authentication on the SMTP server. Default value: |
||
|
Boolean |
Enables TLS authentication on the SMTP server. Default value: |
||
|
String |
The sender address. Default value: |
||
|
String |
The base URL for generating links in emails. Default value:
|
||
|
Boolean |
Must be set to Default value: |
Anomaly Detector
Property | Data type | Description | ||
---|---|---|---|---|
|
String |
The IP address or the hostname of the server where the Anomaly Detector microservice is running. Default value: |
||
|
Number |
The number of the gRPC port where the Anomaly Detector microservice is running. Default value: |
||
|
String |
Defines how often the Anomaly Detection plugin checks the queue for new anomaly detection jobs.
Default value: |
||
|
String |
Configures after which amount of time a request sent to the Anomaly Detector expires. Default value: |
||
|
Boolean |
Enables collecting metrics on Anomaly Detection. Default value: |
||
|
Number |
The maximum number of threads that can be used for storing anomaly detection results. Default value: |
||
|
Number |
The minimum number of threads that need to be kept alive at all times. These threads are dedicated only to storing anomaly detection results. Default value: |
||
|
Number |
The number of threads used for scheduled processing of anomaly detection queues. Default value: |
||
|
Number |
The maximum number of profiles on which anomaly detection can run. Default value: |
||
|
Number |
The minimum number of profiles on which anomaly detection is run. In case the total number of available profiles is lower than or equal to this value, anomaly detection is skipped. Default value: |
||
|
String |
Defines for how long the plugin waits for the response streams from the Anomaly Detector to finish before the job fails. Default value: |
Term Suggestions
Property | Data type | Description |
---|---|---|
|
Boolean |
If set to Default value: |
|
String |
The IP address or the hostname of the server where the Term Suggestions microservices are running. Default value: |
|
Number |
The number of the gRPC port where the Term Suggestions microservices are running. Default value: |
Was this page useful?