Application Api
The Foundation Every Arch Deployment Depends On
Create Aplication
In Arch, the collection of microservices altogether is called an Application and this term encapsulates the entire project. The home page will present a list of Applications, which will be empty for a new install. Click Create.
Click Create on this screen to create the new Application. It will take you to the list of Microservices within the Application.
Create Application Api
The first microservice that must be created is the Application Api. Click Create to access the Create Microservice screen. Enter a name for the microservice and give it the type Application Api.
Click Create on this screen to create the Application Api microservice and add it to the Application. It will take you back to the list of Microservices within the Application.
Configure Aplication Api
Click on the Application Api microservice you just created in the list to edit its settings.
Setting up the microservice involves going through each section and configuring them as required. On these screens, you will see the raw values, but when providing them to the Application Api, they are given in encrypted form. The Control Panel prepares that encryption for you.
Menu Item
Description
Microservice
Configure general settings about the microservice.
Access
Configure how this microservice can be accessed.
Application
Configure how to access the Application Api (not application when the microservice is the Application Api).
Protected Memory
Configure the protected memory system.
Sql Server
Specify Sql Server connection strings.
Capabilities
Enable or disable certain features on the Application Api.
YubiHSM
Specify YubiHSM settings, when the HSM feature is enabled.
Guardian
Configure Guardian access, when the HSM feature is enabled.
References
References indicate to the Control Panel that a microservice has dependencies on other microservices. When these are specified, the Control Panel will make their encrypted access settings available in the generated configuration files. The Application Api has no dependencies -- and therefore no references -- so this section can be skipped.
Deployment
To proceed further, you must deploy your Application Api. In your arch-application-api.yml file will be a series of environment variables that require values. Obtain those values from the Environment Variables screen in the Control Panel. A helpful Copy to Clipboard button is provided next to each value, just click that and paste into its appropriate spot in the service yml file.
Deploy the Application Api into its Docker container when the environment variables are set up in arch-appplication-api.yml. Also change the volume source path to something appropriate for your deployment. As you require, you may also perform any other configurations to the yml file.
With the container running, perform a Health Check (see below). If the health check shows Healthy, you may proceed to the Create Application screen.
If you are using a Hardware Security Module, return to the Capabilities screen to enable the Hardware Security Module feature on the Application Api, and restart the container for it to take effect. Make sure the Hardware Security Module is properly set up, plugged in, and accessible to the Application Api. The Application Api will prevent proper startup until it is unlocked if this feature is enabled. Open the Unlock screen to unlock or unseal the Application Api. Unlock must be performed every time the Application Api restarts for any reason (when using HSM).
Menu Item
Description
AppSettings.json
Get the encrypted settings to use for appsettings.json.
Environment Variables
Get the encrypted settings as environment variables.
Create Application
Create the Application in the Application Api.
Unlock
Unlock the Application via its Guardian, if using the HSM feature.
Diagnostics
The Control Panel provides diagnostic capabilities for microservices in Arch to help troubleshoot any issues.
A Health Check can be performed to ensure the microservice is properly configured and starts up correctly. Health checks should be performed whenever setting up the microservice and for health monitoring.
A more thorough Configuration diagnostic can be performed to evaluate whether the configuration of the microservice matches what the Control Panel has specified. If there are discrepencies, there will most likely be Unauthorized Access and/or encryption errors. As this feature decrypts and relays configuration data to the Control Panel from the microservice, it must be enabled on the microservice in order to work. In the service yml file, add the following Microservice__EnableDiagnostics environment variable and set its value to true, then restart the container.
Microservice__EnableDiagnostics=true
Be sure to remove this setting when diagnostics is complete -- you never want this enabled in Production.
Menu Item
Description
Health Check
Perform a health check on the microservice.
Configuration
Diagnose deployed configuration settings.
Tech Sovereignty
Arch
Company
About Contact