Configuration
Once the Swift publication module is installed, you must ensure its configuration is aligned with your business needs and production environment.
-
Ensure that your public receivers are configured.
-
Configure REST communication between author and public instances.
-
Decide on an external version store, such as S3, and configure it.
Receivers
First, make sure you have receivers configured correctly in a properties file.
swift.publication.receivers[0].name=public1
swift.publication.receivers[0].url=http://public1:8080/magnoliaPublic
swift.publication.receivers[0].enabled=true
swift.publication.receivers[1].name=public2
swift.publication.receivers[1].url=http://public2:8080/magnoliaPublic
swift.publication.receivers[1].enabled=trueThis node name is used for the queue naming setup.
|
Similar to other modules, defining your public instances for the workflow is mandatory. You can change the public instance name for the hostname in development environments. |
Communication between instances
REST-based publication
For REST communication, you need to add JVM arguments/magnolia properties for sensitive data as credentials.
The REST publication requires an API key to control access. APIs allow two software modules to exchange data and are used here for publication between author and public instances.
-Daws.retryMode=standard (1)| 1 | This changes the default legacy mode to the standard retry strategy. |
Properties
| Property | Description | ||
|---|---|---|---|
|
optional, default is
|
||
optional, default is This property is for secure request handling by sending signatures from the author instance, verified by public instances using a public key. If set to
|
|||
|
optional, default is Configures the number of REST retries upon publication request failures. |
||
|
optional, default is The size of the scheduled thread pool used for REST retries. |
||
|
optional, default is The interval between REST retry attempts in milliseconds. |
||
|
optional, default is REST retries are attempted for the status codes defined in this property. Default codes are set according to Google retry strategy. The list includes the following HTTP status codes:
|
||
|
optional, default is This property defines the time between retry synchronisation polling in milliseconds. |
||
|
optional, default is Timeout for status synchronizations between author and public instances in seconds. |
||
optional, default is Defines the number of items processed in bulk in publishing and unpublishing operations. This has several performance advantages:
|
Versioning store
Amazon S3
For Amazon S3 credentials, find details in the AWS connection section below.
You can store properties in all property sources, such as system properties or the magnolia.properties file example below.
|
swift.versioning.s3.bucket=<YOUR_S3_BUCKET> (1)
swift.versioning.s3.region=<AWS_REGION> (2)
swift.versioning.s3.rootFolder=<YOUR_FOLDER> (3)
swift.versioning.s3.connection-acquire-timeout: <YOUR_CONNECTION_ACQUIRE_TIMEOUT> (4)
swift.versioning.s3.max-connections=<YOUR_MAX_CONNECTIONS> (5)
swift.versioning.s3.max-connection-acquires=<YOUR_MAX_CONNECTION_ACQUIRES> (6)
swift.versioning.s3.rate-limit-period=<YOUR_RATE_LIMIT_PERIOD> (7)
swift.versioning.s3.rate-limit=<YOUR_RATE_LIMIT> (7)
swift.versioning.s3.rate-limit-timeout=<YOUR_RATE_LIMIT_TIMEOUT> (7)| 1 | Specify your S3 bucket name. |
| 2 | Specify the AWS Region you’re using. |
| 3 | If you want to reuse the same bucket across different environments, like test or production, you can save your publications in a different space per environment. You can do this by modifying the root folder as a base folder for publication storage. |
| 4 | Timeout in seconds for acquiring an S3 connection from the pool. |
| 5 | Maximum number of S3 connections in the pool. |
| 6 | Maximum number of pending requests when the pool is empty. |
| 7 | Configuring the request rate limit. |
| AWS S3 bucket names are globally unique, meaning no two buckets can have the same name. If you try to create a bucket and receive an error stating the bucket already exists, it means that the bucket name is already in use, either by you or someone else. |
Properties
| Property | Description | ||
|---|---|---|---|
|
required The name of your unique S3 bucket associated with your AWS connection. |
||
|
required The AWS region where your unique bucket is located.
For example, |
||
|
required This path points to the folder you want to use within your bucket. |
||
|
optional The URL used to send your API requests. See AWS service endpoints for more details on AWS web service entry points. |
||
|
optional This boolean defines whether a path-style URL or a custom-style endpoint is used. When set to
When set to |
||
|
optional default is Timeout in seconds for acquiring an S3 connection from the pool. See AWS SDK for Java API Reference for more details. |
||
|
optional default is Maximum number of S3 connections in the pool. See AWS SDK for Java API Reference for more details. |
||
|
optional default is Maximum number of pending requests when the pool is empty. Additional requests are queued pending a free connection in the pool if all connections are in use. See AWS SDK for Java API Reference for more details. |
||
optional default is Time period in milliseconds during which only a certain amount of calls, defined by the rate-limit, are permitted. |
|||
optional default is Limit for the maximum number of calls permitted during a given time (the rate-limit-period). |
|||
|
optional default is Duration in milliseconds, after which a call times out if the current rate limit doesn’t allow its execution. |
AWS connection
The magnolia-aws-foundation module handles all Amazon connections from Magnolia.
It’s installed automatically by Maven when you install any AWS-dependent module.
|
To use AWS in Magnolia, you must have a working AWS account.
You need AWS credentials to connect AWS to Magnolia. Credentials consist of:
-
AWS access key ID
-
AWS secret access key
-
Optionally, a session token (when using the AWS default credential provider chain)
Generate the key in the security credentials section of the Amazon IAM Management Console. In the navigation bar on the upper right, choose your user name, and then choose My Security Credentials.
Using the AWS default credential provider chain
The AWS SDK uses a chain of sources to look for credentials in a specific order. For more information, see Default credentials provider chain.
-
Set your AWS credentials by following the instructions in the AWS documentation: Provide temporary credentials to the SDK.
For a more secure implementation using the default credential provider chain, we recommend using a session token, which expires, rather than a permanent user token.
-
Disable Magnolia’s internal credential handling by doing one of the following:
-
Adding the following configuration properties to your
WEB-INF/config/default/magnolia.propertiesfile:magnolia.aws.validateCredentials=false magnolia.aws.useCredentials=false -
Using JVM arguments as shown in the next step.
-
-
Set your AWS session or user token. AWS credentials can be injected using environment variables or JVM system properties. For more details, see Default credentials provider chain and Configure access to temporary credentials.
Example configuration with a session token and JVM arguments-Dmagnolia.aws.validateCredentials=false(1) -Dmagnolia.aws.useCredentials=false(1) -Daws.accessKeyId=$AWS_ACCESS_KEY_ID(2) -Daws.secretAccessKey=$AWS_SECRET_ACCESS_KEY(2) -Daws.sessionToken=$AWS_SESSION_TOKEN(2)(3)1 Disables Magnolia’s internal credential handling using JVM properties. 2 JVM properties to inject environment variables containing the AWS credentials. Ensure that your environment variables AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY, andAWS_SESSION_TOKENare set.3 AWS_SESSION_TOKENis optional.Example configuration with a permanent user token-Dmagnolia.aws.validateCredentials=false -Dmagnolia.aws.useCredentials=false -Daws.accessKeyId=<your-access-key-id> -Daws.secretAccessKey=<your-secret-access-key>