RHub & Notification Framework - Post Deployment Activities

The RHub can be deployed as two flavors.

1. RHub on Premise

2. RHub On PAAS

This document explains deployment of both flavors.

RHub on Premise

The RHub deployment process will install the following components to the target deployment environment.

Create RHub instance

RHub instance creation is important step in the RHub installation. As in the RHub deployment it needs to provide the RHub instance id and RHub secret it is recommended to create the RHub instance in the Central Hub management UI (Chub) before starting the deployment. Central Hub is the management UI that is part of Smartops platform for managing the RHub instances. Following are the steps to create RHub instance in the central hub UI. Please note that the Chub is available in Smartops platform from version 7.5.0 onwards.

1. Click on the 9dots in the SmartOps ui to open the central hub UI.

   

2. Enter the RHub instance details in the respective fields.

   

   1. The RHub URL should be the server url of RHub instance running in an exposed location.

3. Once the RHub instance is created successfully, RHub instance id, RHub secret key will be generated. The RHub instance id and secret will be used during the deployment of RHub components. These values should be set as environment values of respective environment variables in the docker compose files.

    

   

    

4. Next step is to update the RHub configuration to the RHub instance. The configuration shall contain the RHub adapter configuration and RHub flow details. Sample RHub configuration is attached here.
   

5. The sync operation (Sync button click) will synchronize the configuration into RHub orchestrator and respective adapters.

6. Following is the basic structure of RHub configuration

Pre 7.5.0 version of Smartops platform does not have the Central Hub ui. In that case synchronization of the configuration is not possible thru Chub. The config_manager component’s

API to sync config

1. Method: POST

2. URL:

   https://<hostname>/configmanager/rhub/{rhub-instance-id}/configsync

   Eg:- https://smartops-rhub-qa.eastus.cloudapp.azure.com/configmanager/rhub/ced0fa15-564d-4b48-b93d-d8ff15e96d9a/configsync

3. Headers: Content-Type: application/json

4. RequestBody :

   {

     // configuration file json. Please refer the sample file here.

   }

5. PathVariable : variableId

     

Sample curl command -
Note: There is a JWT token based authentication is available for the configsync API. But as the Chub is not available till 7.5.0 it can be disabled. To disable the authentication set the cluster_jwt_check_enabled=OFF in the config_manager docker compose file.

Environment variables

Environment variables used in the docker compose.

 

Docker Compose files

Docker compose file for references.

      

URL Rewrite Configuration for Windows VM

The purpose of this change is to redirect the request coming from clients to RHub and ConfigManager. If the request URL has a patter with “orchestrator” then it should redirect to rhub orchestrator. If the request URL has a patter with “configmanager” then it should redirect to Config Manager.

1. Open the IIS in windows server.

2. Open the URL Rewrite option for the respective site.

3. Add inbound rule. Please find the below screenshots for references.

 

Nginx Configuration for Linux VM

TBD

RHub on PAAS

Setup WAF rules

Following patterns of URL has to be added in the Application Gateway WAF policy for the core platform.

• configmanager/rhub

• orchestrator/rhub

• Adapters/rest

• notification-inapp-api/api

• chub/api

• me/sendMail

• oauth2/v2.0/token

• ihub/dashboard

Please find the following screenshot for reference.

The above url patterns are “allowed” and must take precedence over “blocked” rules. (Note the position of IncludePlatformRules and RabbitMQPHPMyAdmin001.)

Execute the Sync operation once this is done to make sure the communication in between applications is works fine.

Note: For integrating a new adapter we should add adapter details in the adapters section of the configuration as in the image below.

If a valid adapter config is missing healthcheck error will occur as in the image below. Please refer below section.

Values for default RHub instance

• During the start up of the CHub application, its creating a RHub default instance. The values for creating default instances are,

  • RhubOrganizationName – Please provide the organization name

  • RhubInstanceID – Instance id can be any apha numeric value (recommended value - 6315729c-4388-11ec-8ba9-27bdfb03b60d)

  • RhubToken – Token can be any apha numeric value (recommended value - 6dfe069c-4388-11ec-a5d3-97726de7d584)

  • ChubAdminUsername - provide the default user name. It can be any alpha numeric value.

  • RhubInstanceName - Provide the name as default-instance

• Please update the values in the environment file

• 
•  

Notification Framework

Setups to be done in the target environment

Install AMQP 1.0 plugin in the target environment. The notification framework is using AMQP 1.0 for connecting to rabbitmq. After the plugin installation it requires a restart to reflect the changes in the environment.

Setup Offline Token

If you have done fresh installation, make sure that you generate offline token for Ustglobal Organization and its available in the secret key vault. The offline token is required to communicate from notification framework to user data store.

Notification Framework

• The notification framework APIs will be available in the platform as part of the deployment. Please note that the Notification framework is not integrated with any of the applications.

• In order to test the notification framework apis, the Rhub should be synced with a valid inapp flow.
  

• Please refer the attached configuration json to create a flow in rhub.

• Please do the following modification in the rhub configuration file before adding it to the configuration text area. Details about the rhub configuration file is explained in the Appendix section.

  • In the adapters section change the URL of all the adapters into the respective environment’s url. For example, the URL for oauth_basic adapter

    • In DEV - http://smartopsv1-dev03-rhub-adapters-oauth-basic-rest:9001

    • In QA - http://smartopsv1-qa01-rhub-adapters-oauth-basic-rest:9001

    • In Stage -

    • In Prod -

  • In the queue adapter section, we are configuring a flow to insert the notification into the InApp database collections.

    • Change the queue_host url to respective environment’s URL. The value of queue_host is used to generate the connection string to establish connection to rabbitmq.

      • In DEV - amqp://admin:j5c6ym6nFm8M2Yia@smartopsv1-dev03-rabbitmq:5672

      • In QA - amqp://admin:j5c6ym6nFm8M2Yia@smartopsv1-qa01-rabbitmq:5672

      • In Stage - amqp://admin:j5c6ym6nFm8M2Yia@smartopsv1-<<>>-rabbitmq:5672

      • In Prod - amqp://admin:j5c6ym6nFm8M2Yia@smartopsv1-<<>>-rabbitmq:5672

    • The flow_url is used to execute a flow to POST a notification to the InApp notification collections. So the flow_url should be defined in the flow section of the configuration and it should be used in the queue adapter. Change the flow_url to respective environments valid url. For example

    • In DEV - https://smartops-dev03.eastus.cloudapp.azure.com/orchestrator/rhub/execute/inappflow

    • In QA - https://smartops-qa01.eastus.cloudapp.azure.com/orchestrator/rhub/execute/inappflow

    • In Stage -

    • In Prod -

    • The url parameter is used to configure the api to be called when the flow is executed to insert notification to the InApp notification database. The API URL should be valid url of the InApp Notification’s POST Notification API.

      • In DEV - https://smartops-dev03.eastus.cloudapp.azure.com/notification-inapp-api/api/v1/notifications

      • In QA - https://smartops-qa01.eastus.cloudapp.azure.com/notification-inapp-api/api/v1/notifications

      • In Stage -

      • In Prod - https://smartops-<<>>.eastus.cloudapp.azure.com/notification-inapp-api/api/v1/notifications

  • Do the below setup to send the email notification,

    • Add a queue configuration in the queue adapter. Please refer to the appendix section to get a sample queue configuration for email.

    • The send_mail adapter should be added in the adapters section of the configuration. Please refer the appendix section to get the send_mail adapter.

    • A flow should be added in the config file to send email. Please refer the appendix section to get the sample flow for sending email.

    • If a user want to receive the notification as email, then he/she should be configure the user preference in the user data store. Please refer the “Create User data store (UDS) objects in the environment” to setup the user preference.

      Note: Make sure the user has sufficient permission for sending mails from the mailbox. Below image depicts Mail.Send permission in azure API Permissions.

      

  • To sync the flow, please follow below steps

    • Login to platform UI, click on the R-Hub icon in the 9dots.

      

    • Click on the “default-instance” RHub

      

    • Click Edit button available in the configuration area

      

Add the flow file mentioned in the above step and click the Save and Sync button.

Create User data store (UDS) objects in the environment

• The notification framework requires user preference to select the channel for sending notification. The user preferences are stored in the user data store system. A valid Offline token should be present in the secret key vault to establish the communication.

• As of release 7.8.1, “organization” key is no longer required for documents in appregistration collection, user_data_store db.

• The following command can be used to remove the unwanted key. Run it in the mongo shell of the primary member of mongodb replicaset in kubernetes.

use user_data_store
‎db.getCollection("appregistration").updateMany({}, {"$unset": {"organization": 1}})

• To create the user preference the user should call the UDS apis in the following order.

  • Create User API

  • Register application API. The application registered using this API will be consuming the notification API. For example, if rule-engine wants to sent a notification, then the rule engine should be registered as an application in the user data store.

  • Create user preference API (App Data API)

  • Refer the swagger documentation for user data store APIs https://<<>>/user-data-store/swagger#/

    
    ‎

• Create/Update the user preference for configuring the email channel

  • Create user preference API (App Data API)

  • Refer the swagger documentation for user data store APIs https://<<>>/user-data-store/swagger#/

    • Sample payload

{

"customData": {

"document-extracted": {

"channels": [

{

"email": [

"ihubdemo@gmail.com"

]

}

]

}

}

}

 

Steps to configure email notification

Following are the steps to configure and send email notification.

Create outbound email channel in iHub

Open the iHub and create an outbound email channel

Create queue channel in iHub with destination as outbound email channel

Configure the rabbitmq_amqp adapter in Rhub configuration and synchronize

Open RHub from the platform UI and open the rhub instance.

Edit the configuration file and add the rabbitmq_amqp adapter

Get the queue name, routing key & exchange name from the rabbit mq console and update the same in the rabbitmq_amqp adapter configuration

Create flow to invoke rabbitmq_amqp adapter

{

"id": "rabbitmq_amqp_flow",

"required-role": [

"admin",

"cms_processor"

],

"auth": {

"adapterId": "oauth_basic",

"source": "oauthadapter",

"sensitivepayload": {

"token": "$input.body.sensitivepayload.token"

}

},

"variables": {

"API-KEY": "https://covid-19-data.p.rapidapi.com/totals",

"key2": {

"dateparam": "20/02/20201",

"subkey2": "value"

}

},

"steps": [

{

"id": "step_1",

"type": "SYNC",

"adapterId": "rabbitmq_amqp",

"name": "invoke sync1",

"description": "",

"payload": {

"response": {

"data": "json"

},

"headers": {},

"email_object": "$input.body.payload.email_object"

},

"sensitivepayload": {},

"executionId": "$input.body.payload.email_object.executionId",

"correlationId": "$input.body.payload.email_object.correlationId",

"attachments": []

}

],

"type": "SYNC",

"responsepayload": {

"correlationId": "$step.step_1.correlationId",

"mailresponse": "$step.step_1.payload.response.data"

},

"responseStatus": {}

}

Configure new queue in the rhub queue listener adapter and map to the rabbitmq_amqp flow

{

"queue1": {

"queue_host": "amqp://admin:j5c6ym6nFm8M2Yia@smartopsv1-dev03-rabbitmq:5672/notification",

"queue_type": "rabbit",

"queue_name": "inapp",

"flow": "wwwinapp1222",

"flow_url": "https://smartops-dev03.eastus.cloudapp.azure.com/orchestrator/rhub/execute/inappflow",

"payload": {

"url": "https://smartops-dev03.eastus.cloudapp.azure.com/notification-inapp-api/api/v1/notifications",

"method": "post",

"version": "1",

"version1": "15",

"user_id": "$input.body.user_id",

"organization_name": "$input.body.organization_name",

"type": "$input.body.type",

"module": "$input.body.module",

"event_id": "$input.body.event_id",

"notification_obj": "$input.body.notification_obj",

"message": "$input.body.message",

"timestamp": "$input.body.timestamp",

"expiry": "$input.body.expiry",

"priority": "$input.body.priority",

"meta": "$input.body.meta"

},

"sensitivePayload": {

"api_token": "jwt generated by notification framework",

"token": "Basic amF5OmhlbGwwd29ybGQ="

},

"attachments": {}

}

}

Send notification

curl --location --request POST 'https://smartops-dev03.eastus.cloudapp.azure.com/notification-consumer-api/api/v1/notifications/' \

--header 'token: Basic 123' \

--header 'organization-name: ustglobal' \

--header 'Content-Type: application/json' \

--data-raw '{

"userIds": [

"smartops"

],

"module": "clones1",

"type": "alerts",

"event_id": "document-extracted",

"notification_obj": {"subject": "Document Extraction successfully completed", "username": "bct user", "document_name": "this is default msg 1.pdf"},

"message": "testing 1",

"timestamp": "2021-09-16T10:20:30",

"expiry": "2021-09-16T10:20:30",

"priority": 0

}'

 

Appendix

File structure and details of RHub Configuration

Rhub configuration is the json file which keeps the settings of RHub and adapters. It stores the declaration of adapters, flow configuration.

• Following is the basic structure of RHub configuration

  

   

• meta\storage_credentials: This element is storing the ACL configuration details of connecting from rhub orchestrator or respective adapter to the zookeeper. The username and password given here should same as the username and password set in the environment variables of respective dockers containers.

  "meta": {

  "storage_credentials": [

  {

  "username": "orchestrator",

  "password": "rotartsehcro",

  "acls": {

  "read": true,

  "write": true

  }

  }

  ]

  }

• adapters\<<adapter_name>>\state: This section storing the adapter specific information. For example, the oauth_basic has to store the username and password for authentication. The state element will have any information that is used in the adapter.

  {

  "state": {

  "credentials": {

  "password_encryption": "sha512",

  "users": [

  {

  "username": "jay2",

  "password": "sha512 hashed key of password",

  "roles": [

  "admin",

  "cms_processor"

  ]

  }

  ]

  }

  }

  }

• flows: This element is storing the flows and its steps.

• Sample queue configuration

  {

  "queue2": {

  "queue_host": "amqp://username:password@<<env>>-rabbitmq:5672/notification",

  "queue_type": "rabbit",

  "queue_name": "email",

  "flow": "send mail flow",

  "flow_url": "https://<<hostname>>/orchestrator/rhub/execute/send_mail_flow",

  "payload": {

  "executionId": "email",

  "correlationId": "email",

  "input_array": [

  {

  "message": "$input.body.message",

  "to": "$input.body.meta",

  "subject": "$input.body.subject"

  }

  ]

  },

  "sensitivePayload": {

  "api_token": "jwt generated by notification framework",

  "token": "Basic amF5OmhlbGwwd29ybGQ="

  },

  "attachments": {}

  }

  }

• send_email adapter configuration

  "send_mail": {

  "id": "send_mail",

  "url": "http://smartopsv1-<<env>>-rhub-adapters-send-mail-rest:9001",

  "state": {

  "is_trigger": false,

  "email_config": {

  "API-Key": "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",

  "sender": "smartopsnotifications@gmail.com"

  }

  },

  "meta": {

  "storage_credentials": [

  {

  "username": "send_mail",

  "password": "liamdnes",

  "acls": {

  "read": true

  }

  }

  ]

  }

  }

• Sample flow for send email

  {

  "id": "send_mail_flow",

  "required-role": [

  "admin",

  "cms_processor"

  ],

  "auth": {

  "adapterId": "oauth_basic",

  "source": "oauthadapter",

  "sensitivepayload": {

  "token": "$input.body.sensitivepayload.token"

  }

  },

  "variables": {

  "API-KEY": "https://covid-19-data.p.rapidapi.com/totals",

  "key2": {

  "dateparam": "20/02/20201",

  "subkey2": "value"

  }

  },

  "steps": [

  {

  "id": "step_1",

  "type": "SYNC",

  "adapterId": "send_mail",

  "name": "invoke sync1",

  "description": "",

  "payload": {

  "response": {

  "data": "json"

  },

  "headers": {},

  "input_array": "$input.body.payload.input_array"

  },

  "sensitivepayload": {},

  "executionId": "$input.body.payload.executionId",

  "correlationId": "$input.body.payload.correlationId",

  "attachments": []

  }

  ],

  "type": "SYNC",

  "responsepayload": {

  "correlationId": "$step.step_1.correlationId",

  "mailresponse": "$step.step_1.payload.response.data"

  },

  "responseStatus": {}

  }

• Please don’t make any change in the username & password of any adapters, rhub components. This is one of the item we are planning in the upcoming releases.

Swagger URLs for APIs

• notification-consumer-api (To send a notification. This shall be consumed by the application who is sending a notification.) - https://smartops-qa01.eastus.cloudapp.azure.com/notification-consumer-api/docs#

• notification-inapp-api (To read, delete, update a notification from the UI and create (post) notification send by the downstream application into the InApp notification collection - https://smartops-dev03.eastus.cloudapp.azure.com/notification-inapp-api/docs

• User data store (UDS) - https://smartops-dev03.eastus.cloudapp.azure.com/user-data-store/swagger#/