Navigation :

ManageApp

Management Application Configuration

The N2SVCD Management Application provides a simple HTTP server to which operators can connect in order to view the current N2SVCD running configuration. Drilldown links allow operators to monitor in-use resources (e.g. to check connection status, and to review long-running calls in progress).

When the N2SVCD is running, you can connect your web browser to the N2SVCD Management interface at the address http://<n2svcd-host>:8088/, or other port number as may be configured.

In addition:

The same port number provides a HTTP/JSON API.
The svcmanage command-line tool also provides run-time Management functions.

Note that the ManageApp is quite distinct from the WatchdogApp:

The WatchdogApp is mandatory, while ManageApp is entirely optional.
The WatchdogApp is never forked, but ManageApp may be forked.
The WatchdogApp is responsible for Shutdown on Signals, and Heartbeats.
The ManageApp supports query, trace, and management of applications and instances.

You should only ever require one Management Application instance within the N2SVCD, although it is possible to run multiple apps (as long as each one listens on a distinct TCP port number). You don’t need to run any Management Application at all, although not doing so means that you will not have the ability to query the status of your running services.

The following configuration is used to create a Management Application instance.

<?xml version="1.0" encoding="utf-8"?>
<n2svcd>
  ...
  <applications>
    ...
    <application name="Manager" module="ManageApp">
      <include><lib>../apps/manage/lib</lib></include>
      <parameters>
        <parameter name="http_host" value="10.42.2.154"/>
        <parameter name="http_port" value="8088"/>
        <parameter name="security" value="sha1"/>
        <!-- Overridden by "config.users". -->
        <parameter name="admin_password" value="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8"/>
        <parameter name="user_password" value="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg"/>
        <parameter name="identifier" value="Production 01"/>
      </parameters>
      <config>
          <!-- Overrides "admin_password" and "user_password". -->
          <users>
              <user name="fred" password="Gff1KoM88MkbCSSg:WRjvf1HPmI9fKcXDddkEETtBzh0" is_admin="true" />
              <user name="wilma" password="noupxm9rVbJvTbTD:ocLjUrhD6lx5UTguRvcw0p4q2RQ" />
          </users>
      </config>
    </application>
    ...
  </application>
  ...
</n2svcd>

Configuration Details

The application element attributes for a Manage Application instance may include the below.

For details of the various parameter types used, refer to Common Configuration.

Parameter Name	Type	XML Type	Description
See: Common Application configuration
`module`	String	Attribute	[Required] `ManageApp`
`include.lib`	String	Element	[Required] `../apps/manage/lib`
`parameters`	Array	Attribute	[Required] As per Common Configuration Application `parameters`.
`"edr_enabled"`	-	-	This value is ignored; the Manage Application does not support writing EDRs.
`"ssl"`	Boolean	Attribute	Whether or not the management GUI will operate under a secure SSL mode. If enabled, all traffic is expected via SSL and insecure connections will be rejected. (Default = `0`)
`"http_host"`	String	Attribute	IPv4 Host Name or A.B.C.D IPv4 Address on which to listen for management requests when `ssl` is not enabled. (Default = `0.0.0.0`)
`"http_port"`	Integer	Attribute	IPv4 Port Number on which to listen for management requests when `ssl` is not enabled. (Default = `8088`)
`"https_host"`	String	Attribute	IPv4 Host Name or A.B.C.D IPv4 Address on which to listen for management requests when `ssl` is enabled. (Default = `0.0.0.0`)
`"https_port"`	Integer	Attribute	IPv4 Port Number on which to listen for management requests when `ssl` is enabled. (Default = `8089`)
`"ssl_cert"`	String	Attribute	[Conditional] The file path on disk to the location of the SSL Certificate to use when generating SSL connections. This is required if SSL is enabled. The specified path must be readable by the application user.
`"ssl_key"`	Integer	Attribute	[Conditional] The file path on disk to the location of the SSL Key to use when generating SSL connections. This is required if SSL is enabled. The specified path must be readable by the application user.
`"html_dir"`	String	Attribute	Directory containing static resource files for HTML management interface. (Default = `../apps/manage/html`)
`"use_cache"`	Boolean	Attribute	Whether static files cached forever in memory and never checked for changes. (Default = `YES`)
`"security"`	String	Attribute	Specifies how passwords are encoded. Possible values are: `open` = administrator access granted to all users without authentication `closed` = all access is denied `plain` = passwords are configured without encryption `sha1` = passwords are stored as SHA1 hash `bcrypt` = passwords are stored as Bcrypt hash (Default = `plain`)
`"admin_password"`	String	Attribute	The password for the `admin` user. For `security` = `open` or `closed`, this password is not used. For `security` = `plain`, this is a plaintext password. For other types of `security`, this is the hashed version of the password including a salt prefix. If the password is set to an empty string, login with the `admin` will be disabled. If any usernames and passwords are defined under `config.users`, the default `admin` user will not be available. (Default = No `admin` Password)
`"user_password"`	String	Attribute	The password for the `user` user. For `security` = `open` or `closed`, this password is not used. For `security` = `plain`, this is a plaintext password. For other types of `security`, this is the hashed version of the password including a salt prefix. If the password is set to an empty string, login with the `user` will be disabled. If any usernames and passwords are defined under `config.users`, the default `user` user will not be available. (Default = No `user` Password)
`"identifier"`	String	Attribute	Application name or identifier that is shown in the top left of the management GUI application. This parameter is useful for identifying which N2SVCD instance is being managed in deployments where several may exist. (Default = No Identifier)
`config`	Object	Element	Container for extended configuration for this Application instance.
`.users`	Array	Element	Array of `user` elements defining user information.

User Configuration

Individual users may be configured within the config.users section.

<?xml version="1.0" encoding="utf-8"?>
<n2svcd>
  ...
  <applications>
    ...
    <application name="Manager" module="ManageApp">
      ...
      <config>
          <!-- Overrides "admin_password" and "user_password". -->
          <users>
              <user name="fred" password="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8" is_admin="true" />
              <user name="wilma" password="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg" />
          </users>
      </config>
    </application>
    ...
  </application>
  ...
</n2svcd>

Each user element has the following parameters:

Parameter Name	Type	XML Type	Description
`name`	String	Attribute	The username for this user to access the system.
`password`	String	Attribute	The password for this user to access the system. For `security` = `open` or `closed`, this password is not used. For security = `plain`, this is a plaintext password. For other types of security, this is the hashed version of the password, including a salt prefix. If the password is set to an empty string or not specified, login with this user will be disabled.
`is_admin`	Boolean	Attribute	Whether the user is an administrator or not. Defaults to `false`.

Note that if any user definitions are configured, the admin_password and user_password parameters are not used. However, such users may be explicitly defined with matching usernames if required, e.g.:

<users>
    <user name="admin" password="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8" is_admin="true" />
    <user name="user" password="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg" />
    ...
</users>

Generating Hashed Passwords

When using the sha1 and bcrypt methods to store passwords, the value to be written into the database must be generated using the mkpasswd program supplied with the n2svcd daemon. This program is normally installed as /usr/share/n2svcd/bin/mkpasswd.

$ cd /usr/share/n2svcd/bin
$ ./mkpasswd sha1
Password:
Re-Enter:
[Encrypted] = SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg

Example Management Page

An example management page is:

Message Handling

In addition to the common Application management messages, the ManageApp uses the following messages:

MANAGEMENT Messages (!MANAGEMENT-*-REQUEST outbound).