Advanced Parameters
The advanced parameters of MigratoryData are described below.
RunAsUser
| Description | Specify the unprivileged (normal) user to run MigratoryData |
| Default value | No default value |
| Required parameter | Optional |
For example, if migratorydata is an existing normal user,
then you could configure MigratoryData to run as a normal
user as follows:
RunAsUser = migratorydata
Then, start MigratoryData as root (this is
necessary to be able to bind on the privileged ports 80 or
443). Please note that while running as root,
MigratoryData will not accept any client connections. Then,
MigratoryData will drop the root privileges (using the system
call setuid) and will automatically switch to the normal
user migratorydata. Only at this time, MigratoryData
Server will start to accept client connections.
PublishAllowFromAddressList
| Description | Define the list of IP addresses allowed for message publication |
| Default value | No default value |
| Required parameter | Optional |
If this parameter is configured, then MigratoryData will accept message publications only from the clients running on any of the IP addresses defined by this parameter.
If this parameter is not set, message publication will be allowed from any client provided however that the client is allowed by the entitlement rules you define (see the Entitlement parameter).
ipv4_address/mask is also supported where the ipv4_address is an IPv4 dotted decimal address
and the mask suffix is a number between 1 and 32. The mask suffix is
optional, its default value is 32. For example, by configuring in the MigratoryData server the following:
PublishAllowFromAddressList = 192.168.5.23, 10.0.0.0/24
only the publishers from the IP addresses from 10.0.0.0 to 10.0.0.255, as well as from the IP address 192.168.5.23,
are allowed to publish messages to the MigratoryData server.
Native.Ssl
| Description | Specify whether to use OpenSSL for native TLS/SSL communication |
| Default value | false |
| Required parameter | Optional |
This parameter can have two values: true or false. If set on true,
then MigratoryData will use the OpenSSL library for TLS/SSL
support. The OpenSSL library provides a better implementation of TLS/SSL
in terms of memory and CPU usage compared to the default implementation
of Java. While this difference might not be substantial for small or
medium MigratoryData deployments, for large MigratoryData deployments
with millions of users, it is recommended to use OpenSSL.
MaxCachedMessagesPerSubject
| Description | The number of the most recent messages to be cached |
| Default value | 1000 |
| Required parameter | Optional |
For each subject, the MigratoryData maintains an in-memory cache. Messages are removed continuously from the cache of each subject, however each message is held in the cache up to the number of messages defined by this parameter or at least for the number of seconds defined by the parameter CacheExpireTime, whichever comes first..
This parameter applies only if the Guaranteed Message Delivery feature is enabled, see the parameter ClusterDeliveryMode for more details.
CacheExpireTime
| Description | The number of seconds to cache a message |
| Default value | 180 |
| Required parameter | Optional |
For each subject, the MigratoryData maintains an in-memory cache. Messages are removed continuously from the cache of each subject, however each message is held in the cache up to the number of messages defined by the parameter MaxCachedMessagesPerSubject or at least for the number of seconds defined by this parameter, whichever comes first.
This parameter applies only if the Guaranteed Message Delivery feature is enabled, see the parameter ClusterDeliveryMode for more details.
Workgroups
| Description | The number of groups of clients |
| Default value | The number of total CPU cores available |
| Required parameter | optional |
In order to better scale on multiprocessor hardware the incoming users are separated in groups. This parameter configures the number of groups (every group has a dedicated thread). If not supplied the total CPU cores available is the default value. In most situations it is not recommended to modify the default value.
IoThreads
| Description | The number of threads used for I/O processing |
| Default value | The number of total CPU cores available |
| Required parameter | Optional |
If not supplied the number of total CPU cores available is the default value. In most situations it is not recommended to modify the default value.
Stats.LogInterval
| Description | Specify the time interval in seconds to log various statistics |
| Default value | 60 |
| Required parameter | Optional |
The minimum value of this parameter is 5 seconds. The format of the
stats logs is as follows:
[timespamp] [S] [INFO] [STATS] {
connectedSessions,\
connectedSessionsWeb,\
connectedSessionsMobile,\
connectedSessionsDesktop,\
sessionConnectionsPerSecond,\
sessionDisconnectionsPerSecond,\
inPublishMessagesPerSecond,\
outPublishMessagesPerSecond,\
inBytesPerSecond,\
outBytesPerSecond,\
clientInPublishMessagesPerSecond,\
connectRateRecoverySuccessPerSecond,\
connectRateRecoveryFailPerSecond,\
clientPublishFailedPerSecond\
}
MaxBatchingSpace
| Description | The maximum size of the batching in bytes |
| Default value | 0 |
| Required parameter | Optional |
See the batching feature to learn about batching before configuring this parameter. If this
parameter is not configured or configured with the default value 0, then batching is disabled.
MaxBatchingTime
| Description | The maximum time of the batching in milliseconds |
| Default value | 0 |
| Required parameter | Optional |
See the batching feature to learn about batching before configuring this parameter. If this
parameter is not configured or configured with the default value 0, then batching is disabled.
SslProtocols
| Description | Enable one or more SSL protocols |
| Default value | TLSv1.2, TLSv1.1, TLSv1 for Java 8 |
| Required parameter | Optional |
For Java 8, the following TLS/SSL protocols are configured by default TLSv1.2, TLSv1.1, TLSv1. You can change the
default list of TLS/SSL protocols by using this parameter. For example, to enable only the TLSv1.2 protocol, configure
this parameter as follows:
SslProtocols = TLSv1.2
CipherListEnabled
| Description | Enable one or more SSL ciphers besides the default JVM ciphers |
| Default value | No default value |
| Required parameter | Optional |
Use this parameter to enable one or more supported ciphers not enabled by default. For example:
CipherListEnabled = \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
CipherListExcluded
| Description | Exclude one or more SSL ciphers from the default JVM ciphers |
| Default value | No default value |
| Required parameter | Optional |
Use this parameter to exclude one or more ciphers enabled by default. For example:
CipherListEnabled = \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
MaxMessageSize
| Description | The maximum message size in bytes |
| Default value | 65536 (64 KB) |
| Required parameter | Optional |
This parameter specifies the maximum number of bytes a message should have (including the protocol overhead) to be accepted by MigratoryData. A client which sends a message larger than this size will be automatically disconnected.
NOTIFY_MESSAGE_SIZE_LIMIT_EXCEEDED.
MaxBandwidthRate
| Description | Specifies the maximum bandwidth rate in megabytes/second |
| Default value | 0 |
| Required parameter | Optional |
This parameter specifies the maximum bandwidth rate – in megabytes per second (MB/s) – that the MigratoryData server is allowed to consume from the available network bandwidth capacity to push messages to clients. If zero is specified, the bandwidth rate will not be limited (this is the default value).
This parameter is particularly useful for use cases where, occasionally, the outgoing message throughput is higher than the available network bandwidth capacity. Suppose the MigratoryData server is installed on a machine with a network bandwidth capacity of 1 Gbps (i.e. 125 MB/s), and supposing there are one or more large messages to be delivered to a large number of users, producing an outgoing data volume of 1250 MB. By configuring this parameter at 125 MB/s, the assumed available network capacity, the MigratoryData server will be able to deliver that volume of data during 10 seconds, and then operate normally, with low message latency. Otherwise, without configuring this parameter, the system might be severely impacted - as the capacity of the kernel’s socket buffers could be exhausted.
Note that configuring this parameter could be useful not only for the use cases discussed above. It can be used as a protection against the deliberate or accidental exceeding of the available network bandwidth capacity for any other use case.
For most cases, this parameter should be configured to be equal to the available network bandwidth capacity.
Extension.InteractivePublishing
| Description | Enable the interactive publishing add-on |
| Default value | false |
| Required parameter | Optional |
The interactive publishing add-on is preinstalled
in the MigratoryData server, but it is disabled by default. To enable it, set this parameter on true.
Extension.InteractivePublishing.Token
| Description | Entitlement token used by the interactive publishing add-on |
| Default value | No default value |
| Required parameter | Required if Extension.InteractivePublishing is set on true |
In a MigratoryData cluster, the interactive publishing add-on of a cluster node communicates with the interactive publishing add-ons of the other cluster nodes, as well as with the interactive publishers of the MigratoryData cluster using a number of meta-subjects, subjects which start with the following subject prefix:
/__migratorydata__/ipub/
If the parameter Entitlement is set on Basic or
None, then configure this parameter with the value of the parameter
EntitlementAllowToken. If the parameter
Entitlement is set on JWT, then
configure this parameter with a JWT token that includes in the list all under its section permissions,
the following wildcard subject /__migratorydata__/ipub/*. Finally, if the parameter
Entitlement is set on Custom,
then configure this parameter with any entitlement token, provided that your entitlement rules authorize it for
subscriptions and publications on all subjects which start with the prefix /__migratorydata__/ipub/.
Basic or None, then you can use the value of the parameter
EntitlementAllowToken as the
entitlement token of your interactive publisher. If the parameter Entitlement
is set on JWT, then use a JWT token that includes in the list all
under its section permissions the wildcard subject /__migratorydata__/ipub/* as the
entitlement token of your interactive publisher. Finally, if the
Entitlement parameter is set on
Custom, then use any entitlement token for your interactive publisher, provided
that your entitlement rules authorize it for subscriptions and publications on all subjects which start with the prefix /__migratorydata__/ipub/.
Extension.Audit.Access
| Description | Specify whether to enable the audit access logs or not |
| Default value | false |
| Required parameter | Optional |
Set this parameter on true to enable the audit access logs from your custom audit extension. If your custom audit
extension built with the Server Extensions API for Audit and deployed under the folder extensions of your
MigratoryData installation is not already enabled, then configuring this parameter on true will also enable your
custom audit extension.
Alternatively, set this parameter on log4j to load the ready-made Log4j audit extension pre-installed under the folder
addons of your MigratoryData installation.
Extension.Audit.Cache
| Description | Specify whether to enable the audit cache logs or not |
| Default value | false |
| Required parameter | Optional |
Set this parameter on true to enable the audit cache logs from your custom audit extension. If your custom audit
extension built with the Server Extensions API for Audit and deployed under the folder extensions of your
MigratoryData installation is not already enabled, then configuring this parameter on true will also enable your
custom audit extension.
Alternatively, set this parameter on log4j to load the ready-made Log4j audit extension pre-installed under the folder
addons of your MigratoryData installation.
Extension.Audit.Message
| Description | Specify whether to enable the audit message logs or not |
| Default value | false |
| Required parameter | Optional |
Set this parameter on true to enable the audit message logs from your custom audit extension. If your custom audit
extension built with the Server Extensions API for Audit and deployed under the folder extensions of your
MigratoryData installation is not already enabled, then configuring this parameter on true will also enable your
custom audit extension.
Alternatively, set this parameter on log4j to load the ready-made Log4j audit extension pre-installed under the folder
addons of your MigratoryData installation.
Extension.Audit.Stats
| Description | Specify whether to enable the audit stats logs or not |
| Default value | false |
| Required parameter | Optional |
Set this parameter on true to enable the audit stats logs from your custom audit extension. If your custom audit
extension built with the Server Extensions API for Audit and deployed under the folder extensions of your
MigratoryData installation is not already enabled, then configuring this parameter on true will also enable your
custom audit extension.
Alternatively, set this parameter on log4j to load the ready-made Log4j audit extension pre-installed under the folder
addons of your MigratoryData installation.