Talend Administration Center advanced configuration

Talend Big Data Platform Installation Guide for Windows

EnrichVersion
6.2
EnrichProdName
Talend Big Data Platform
task
Installation and Upgrade
EnrichPlatform
Talend Log Server
Talend CommandLine
Talend Repository Manager
Talend DQ Portal
Talend Artifact Repository
Talend Studio
Talend Project Audit
Talend Installer
Talend SAP RFC Server
Talend Runtime
Talend JobServer
Talend Administration Center
Talend Activity Monitoring Console

Most of the configuration parameters are stored in the Talend Administration Center database, like backup-related settings, port information, timeout duration, security settings, login delay and so on.

Some parameters can be updated, activated or deactivated from the Configuration page of the Web application or directly in the configuration.properties file, but you might need to edit some of them manually in the configuration table of the Talend Administration Center database. To access this database, open the database web console. To edit this database, open its web console which is accessible from the Database node of the Configuration page of Talend Administration Center.

The following pages detail advanced configuration procedures for Talend Administration Center:

Setting up High Availability

To implement this High Availability architecture, you follow these procedures:

Installing Tomcat in cluster mode
  1. Install one Tomcat server as described in Deploying Talend Administration Center on an application server.

  2. Before starting Tomcat and deploying Talend Administration Center, set it into cluster mode. To do so:

    • Edit the following file:

      /<ApplicationPath>/WEB-INF/classes/quartz.properties

    • Uncomment the following lines by removing the hash character preceding the command :

      #org.quartz.scheduler.instanceName = MyClusteredScheduler
      

      #org.quartz.scheduler.instanceId = AUTO
      

      #org.quartz.jobStore.isClustered = true
      

      #org.quartz.jobStore.clusterCheckinInterval = 20000

Duplicating Tomcat and the TAC web application
  1. Duplicate this Tomcat instance as many times as needed. Make sure that all Tomcat instances use different port numbers.

    Warning

    Make sure that all system clocks are synchronized (the clocks must be within a second of each other). For more information on time-sync services, please refer to the appropriate Microsoft documentation about SNTP, Windows Time Service tools and Network Clocks.

  2. Duplicate the org.talend.administrator Web application to all Tomcat instances. Make sure that all Web application configurations are identical.

  3. Launch one Tomcat instance following the commands given at the end of Deploying Talend Administration Center on an application server.

  4. Launch the other instances of Tomcat following the same procedure.

Fail-over will occur when one of the multiple execution servers fails while in the midst of executing one or more tasks. When a server fails, the other servers of the cluster detect the condition and identify the tasks in the database that were in progress within the failed server. Any tasks marked for recovery will be taken over by another server.

Note that the ranking of servers to be used for load balancing is based on indicators, whose bounds (such as free disk space limits) and weight are defined in the file: monitoring_client.properties which is located in <ApplicationPath>\WEB-INF\lib\org.talend.monitoring.client-A.B.C.jar. These values can be edited according to your needs. For more information, see Configuring the indicators which determine which server to be used for load balancing.

You can also deploy Talend Administration Center on a JBoss application server (instead of a Tomcat). So, you can follow the same above instructions for Jboss. For more information on how to deploy the Web application on JBoss, see Deploying Talend Administration Center on JBoss.

Note

One known minor issue related to the DST change might prevent the failover to operate properly. However as a simple workaround, simply restart Tomcat after the time change. This should have no impact on executions.

Migrating database X to database Y

If you want to migrate from one database to another, for example from H2 to MySQL, you need to use the MetaServlet command called migrateDatabase.

As the source database is updated during the migration process, it is mandatory to back it up before migrating it.

The MetaServlet application is located in <TomcatPath>/webapps/<TalendAdministrationCenter>/WEB-INF/classes folder.

Note that, to display the help of this command (with related parameters), you need to enter the following in the MetaServlet application:

MetaServletCaller.bat --tac-url=<yourApplicationURL> -h migrateDatabase

For more information on the MetaServlet application, see the Talend Administration Center User Guide.

See below an example of migration between H2 and PostgreSQL databases.

Please note that to be able to use this command, you need to put it on one single line first.

MetaServletCaller.bat --tac-url http://localhost:8080/org.talend.administrator --json-params='{"actionName": "migrateDatabase", "dbConfigPassword": "admin", "mode": "synchronous", "sourceUrl": "'jdbc:h2:C:/Talend/5.6.1/tac/apache-tomcat/webapps/org.talend.administrator/WEB-INF/database/talend_administrator'", "sourceUser": "admin", "sourcePasswd": "admin", "targetPasswd": "root", "targetUrl": "'jdbc:postgresql://localhost:5432/postgres'", "targetUser": "postgres"}'

Disabling SSL3 in Tomcat

In order to avoid POODLE vulnerability which allows attackers to downgrade SSL/TLS protocol to version SSL v3, and then break the cryptographic security, you might want to disable SSL v3 on the Tomcat server. For more information on how to do this, read the procedure on the Apache website.

Managing the database parameters

The configuration parameters are stored in the database, except for the parameters related to the Talend Administration Center database that are stored in the following file:

<ApplicationPath>/WEB-INF/classes/configuration.properties

The database-related passwords are encrypted at start up, when this file is parsed and loaded in the database.

Change the encrypted default account password

  1. Open the configuration.properties file to edit it.

  2. Note that the encrypted password is followed by: ",Encrypt"

    Remove all that is after the = sign, including ",Encrypt", and type in the new password of the default account.

  3. Save your changes and close the file. At next startup, the password will be encrypted in the database and the file will be updated with this encrypted password.

Change the default password used to configure the database

After the first connection, it is strongly recommended not to use the default user account to access the application for security reasons. You can either change the default credentials of this account (admin@company.com/admin) or create another administrator user and remove the default account.

If you want to change the admin default password that allows you to change the database configuration, do the following:

  1. Scroll down the configuration.properties file until you find the database.config.password parameter.

  2. Change the admin default password to a more individual and secure password.

Managing the connection pool via Tomcat

By default, a third-party application (c3p0) has been embedded into the configuration file of Talend Administration Center, to manage the connection pool.

However if you want Tomcat to manage directly the connection pool, perform the following operations:

In the Web application installation directory, proceed as follows:

  1. In the <ApplicationPath>/WEB-INF/classes folder, change the default setting of the configuration.properties file to:

    database.useContext=True

  2. In the WEB-INF folder, edit the web.xml file and add the following piece of code before the closing tag </web-app>:

    <resource-ref>
    
         <description>Our Datasource</description>
         <res-ref-name>jdbc/ADMINISTRATOR_CONNECTION</res-ref-name>
         <res-type>javax.sql.DataSource</res-type>
         <res-auth>Container</res-auth>
    
    </resource-ref>
  3. In the file <ApplicationPath>/META-INF/context.xml, configure the parameters of connection to the database by modifying the following elements:

    Element name

    Value

    Note

    url

    jdbc:mysql://{ip_address}:3306/{db_name}

    For MySQL, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:oracle:thin:@{ip_address}:1521:{db_name}

    For Oracle, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:jtds:sqlserver://{ip_address}:1433/{db_name}

    For SQL Server, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:h2:file:{dir_path/}<db_name>;MVCC=TRUE;AUTO_SERVER=TRUE; LOCK_TIMEOUT=15000

    For H2, where dir_path corresponds to the database path and db_name corresponds to its name.

    username

    The username used to log in your database, talend_admin by default.

    password

    The password used to log in your database, talend_admin by default.

    driverClassName

    org.gjt.mm.mysql.Driver

    For MySQL.

    oracle.jdbc.driver.OracleDriver

    For Oracle.

    net.sourceforge.jtds.jdbc.Driver

    For SQL Server.

    org.h2.Driver

    For H2.

  4. Copy the relevant .jar file corresponding to the database in which your data is stored in <TomcatPath>/lib/.

You can also deploy Talend Administration Center on a JBoss application server (instead of a Tomcat). So, you can follow the same above instructions for JBoss. For more information on how to deploy the Web application on JBoss, see Deploying Talend Administration Center on JBoss.

Configuring the indicators which determine which server to be used for load balancing

If you want to edit and overwrite the default configuration used to determine which server to be used for load balancing in cluster mode, do the following.

  1. Open the monitoring_client.properties file which is located in the following .jar file:

    <ApplicationPath>/WEB-INF/lib/org.talend.monitoring.client-x.y.z.rabcd.jar

  2. The weight values defined in this file will impact the server to be used to process data. Edit the values according to your needs and save your modifications.

  3. Copy the edited file in the following directory to overwrite the one located in the .jar file:

    <ApplicationPath>/WEB-INF/classes

Customizing the Talend Administration Center Menu tree view

You also have the possibility to customize the Menu tree view of the Talend Administration Center Web application by adding dynamic links to the website of your choice.

To set up dynamic links:

  1. Open the following file:

    <ApplicationPath>/WEB-INF/classes/configuration.properties

  2. At the end of the file, enter the dynamic link of interest using the given syntax:

    dynamiclink.<key>=<label>#<url>#<order>.

    For example, you can create the link to http://www.talend.com by entering

    dynamiclink.talendcom=Talend#http://www.talend.com#8

    or the link to http://www.talendforge.org by entering

    dynamiclink.talendforge=Talendforge#http://www.talendforge.org#9.

    In this syntax, <key> indicates the technical key of this link configured, <label> is the link name displayed on the Menu tree view, <url> is the website address you need to link to and <order> specifies the position of this link on the Menu tree view.

    dynamiclink.talendcom=Talend#http://www.talend.com#8
    dynamiclink.talendforge=Talendforge#http://www.talendforge.org#9

    Note

    For further information about the order numbers used by Talend Administration Center to arrange the Menu items, check the menuentries.properties file provided in the same classes folder.

  3. Save the configuration.properties file edited.

For more information on how these links are displayed in the Menu tree view of the Talend Administration Center Web application, see the Talend Administration Center User Guide.

Configuring Talend Administration Center login delay

Setting up a login delay allow you to improve the security of your Web application by slowing brute force attacks.

  • In the configuration table of the Talend Administration Center database, change the value of the useLoginDelay parameter to true.

Failed login attempts will now generate a time delay which increases exponentially with each failed attempt.

Configuring LDAP(S) for Talend Administration Center

To configure LDAP(S) for Talend Administration Center, proceed as follows:

Generate a key

  1. Create a folder where you want to store your Keystore.

  2. Open a command prompt.

  3. Using the cd command, go to the folder you created.

  4. Enter the following command:

    <JAVA_HOME>/bin/keytool.exe -genkey -keystore <myKeystoreName> -keyalg RSA

    Replace <JAVA_HOME> with the path to the folder where Java is installed and <myKeystoreName> with the name of your Keystore.

  5. Enter the password you want to create for your Keystore twice. Then, if needed, enter other optional information, such as your name or the name of your organization.

  6. Enter yes to confirm the information you provided.

  7. Enter the password you have previously defined.

Configure LDAP(S) for Talend Administration Center

To set the new Keystore location, edit the JAVA_OPTS environment variable.

  • To edit the JAVA_OPTS environment variable, add the following lines

    -Djavax.net.ssl.keyStore=/<myDirectory>/<myKeystore>
    -Djavax.net.ssl.keyStorePassword=<myPassword>

    to your JAVA_OPTS environment variable, where <myDirectory> is the installation directory of your Keystore, <myKeystore> is the name of your Keystore and <myPassword> is the password you have previously defined for your Keystore.

For more information on how to enable LDAP(S) in Talend Administration Center, see the Talend Administration Center User Guide.