Gateway Hub

Install

Overview

Before installing Gateway Hub, make sure you meet the following requirements:

Caution: If you are installing from a node, this machine must fulfil both the Hardware requirements and the Installation machine requirements.

Installation of the Gateway Hub is performed through the command line on your installation machine, following a configuration you can specify using a YAML file. The installation copies the binaries from the installation machine and configures your servers.

Download and unpack Gateway Hub

The Gateway Hub binaries are downloaded and unpacked onto your installation machine.

Perform the following:

  1. Download the Gateway Hub binaries from ITRS Downloads:
    • The binaries are packaged as a .tar.gz file named <version>.tar.gz.
  2. Move the Gateway Hub.tar.gz file into a user writeable directory.
  3. Unpack the Gateway Hub binary using the command line.
    • This creates a folder called hub-installer-<version>.

Install

Installation is performed using a program called hubctl that is located in the hub directory as part of the download package.

The hubctl tool reads configuration information from a YAML file that you must create. When you have completed the installation, store the configuration file safely in a known location.

You can use hubctl and your configuration file to reconfigure, upgrade or uninstall Gateway Hub.

A minimal configuration file, using YAML formatting, is given below:

installation:
  hosts:
  - server1.example.com
  connection:
    private_key: ~/.ssh/<your_key>.pem # Comment this out to use SSH password authentication
  licence_file: <your_licence_path>/licence.txt # Comment this out if you don't yet have a licence
hub:
  root_dir: /opt/hub
  user: hub
  runtime:
    java_home: /usr/lib/jvm/<java_version>/jre
  normaliserd:
    memory_limit: 800 
  persistenced:
    memory_limit: 800 					

More information on creating configuration files is provided below.

Installation procedure

To install Gateway Hub, follow these steps:

  1. Go to the folder called hubctl in your chosen directory.
    • This folder was created when you unpacked Gateway Hub.
  2. Run hubctl setup install <config_file>, replacing <config_file> with the location of your configuration file.
  3. Wait for the installation to finish.

You can use the flag hubctl <command> --help to bring up the command line help during the installation.

Success: The PLAY RECAP output on the command line states a number of ok or changed configurations, and zero unreachable or failed, similar to the example below:

PLAY RECAP
****************************************************************************************************
********
hub-vm.internal : ok=573 changed=155 unreachable=0 failed=0 skipped=226
rescued=0 ignored=0
localhost : ok=15 changed=4 unreachable=0 failed=0 skipped=0
rescued=0 ignored=0
Ansible play "install" completed successfully
Hub installation completed successfully

Registration with systemd

After installing Gateway Hub, you can configure systemd to automatically start Gateway Hub services when a host system boots. Performing this configuration requires root privileges.

To register the Gateway Hub orchestration service with systemd, do the following on each node:

  1. Stop the currently running Gateway Hub service:
    hubctl stop <config_file>
  2. Copy the provided orchestration.service file to the system level systemd directory:
    sudo cp /opt/hub/hub-<version>/etc/hub-orchestration.service /usr/lib/systemd/system
  3. Restart and enable the Gateway Hub service:
    sudo systemctl daemon-reload
    sudo systemctl enable hub-orchestration
    sudo systemctl start hub-orchestration

Security

Gateway Hub uses TLS to encrypt communications between Gateway Hub components and client applications. You can configure Gateway Hub to run using an internal certificate authority to sign certificates for development environments. In production environments, you must provide trusted certificates. For more information about configuring TLS, see Install.

Using hubctl

You can use the included hubctl Python scripts to install, configure and manage Gateway Hub. To perform many operations with hubctl, you will need a YAML configuration file.

To use hubctl, run commands in the following format:

hubctl <command> <options> <config_file>

The following commands are available:

  • setup — this command can be run with the following options:
    • install — perform a new installation of Gateway Hub using the provided configuration file.
    • reconfigure — reconfigure an existing Gateway Hub. This changes Gateway Hub's settings to match the provided configuration file. Protected settings cannot be changed by the setup reconfigure command.
    • uninstall — uninstall Gateway Hub. Some additional steps may be necessary, a summary is provided when the uninstall process is complete.
  • config — this command can be run with the following options:
    • list — list the available configuration files for Gateway Hub services. By default, this will list all files. You can optionally specify a service to see only files relevant to that service.
    • get — fetch the available configuration files for a specified Gateway Hub service. By default, this will fetch all files related to the specified service. You can optionally specify a specific file to fetch only that.
    • set — update a Gateway Hub service configuration file on all nodes to match a specified local copy. You can update one or multiple files using one command.
    • edit — update a single Gateway Hub service configuration file on all nodes using your text editor. This command fetches a specified file and opens it in your text editor. When you save the local copy of the file, changes are propagated to all nodes.
  • start — start Gateway Hub on all nodes.
  • stop — stop Gateway Hub on all nodes.
  • restart — restart Gateway Hub on all nodes.
  • status — prints the status of all nodes to standard out.
  • diagnostics — generates a .tgz file of logs and diagnostics from all nodes. For more information, see Obtain a diagnostic file from the command line in Troubleshooting User Guide.

Note: To manage Gateway Hub using hubctl, all nodes must be reachable from your machine. Making changes to configuration files directly may break Gateway Hub functionality.

Systemd and reconfiguration

If the Gateway Hub orchestration service has been registered with systemd, you will need to mask the orchestration service when reconfiguring Gateway Hub.

To perform reconfiguration commands:

  1. Mask and stop the orchestration service by running the following on each node:
    sudo systemctl mask hub-orchestration
    sudo systemctl stop hub-orchestration
  2. Start Gateway Hub and perform the reconfiguration using hubctl, then stop Gateway Hub. You are only required to run this on one node, the changes will effect the whole cluster.
    hubctl start <config_file>
    hubctl setup reconfigure <config_file>
    hubctl stop <config_file>
  3. Unmask and restart the orchestration service by running the following on each node:
    sudo systemctl unmask hub-orchestration
    sudo systemctl start hub-orchestration

Installation configuration file

The Gateway Hub configuration file can be created as a YAML file. All sections and subsections must be written following the correct YAML syntax. The configuration file includes two root level sections: installation and hub.

When creating a configuration file, note the following:

  • The hub > logs_max_file_size option uses the industry standard Logback framework. As a result, files will reach an approximate maximum size but small variations from the specified size are expected. For more information, see the Logback Documentation.

The following is a template file:

# Hub installation descriptor.
#
# The Hub installer requires that the PyYAML Python library be installed. This is done as follows:
# %> pip3 install pyyaml
#
# Settings that are marked as required must always be supplied, regardless of the hubctl operation being performed.
# Settings that are marked as protected cannot be changed between an initial installation and a subsequent
# reconfiguration.
#
# Installation settings
#
installation:

  # Destination hosts.
  # Each host name must be in FQDN form.
  # Required: False
  # Protected: True
  # One of installation.hosts or installation.hosts_file is required, unless a local installation is performed. If both
  # are supplied, installation.hosts is used.
  # hosts:
  # - host1.domain1
  # - host2.domain1
  # - host3.domain1

  # Hosts file.
  # File containing destination hosts, with each line containing a host name in FQDN form.
  # Required: False
  # Protected: True
  # One of installation.hosts or installation.hosts_file is required, unless a local installation is performed. If both
  # are supplied, installation.hosts is used.
  hosts_file: ~/tmp/hosts.txt

  # Connection to destination hosts
  connection:

    # Local installation.
    # Required: False.
    # Default: false
    # Protected: True
    # Set to true if the Hub should be installed to only the local host, in which case an SSH connection is not required, and
    # all other connection.* parameters except connection.local_host_name will be ignored.
    # local: true

    # Local host name.
    # Required: False.
    # Default: localhost
    # Protected: False
    # This setting is only used if a local installation is performed. Specify the host name used to advertise the
    # local host to external clients. If a PEM file is supplied, this host name must match one of the subjects used
    # by the Hub's certificate. If omitted, "localhost" is used, therefore only allowing local connections to be made to
    # the Hub, which makes it usable only for basic testing.
    # local_host_name: host4.domain4

    # Path to the SSH private key PEM file to use for password-less authentication.
    # Required: False
    # If not specified, the installer prompts for an SSH password.
    private_key: ~/.ssh/hubdemo-hub.pem

    # SSH port.
    # Required: False
    # Default: 22
    port: 22

    # Installation user.
    # Required: False
    # Protected: True
    # Specify to force the installer to use a different user from the Hub runtime user (see below in
    # the "hub" section) to carry out the installation. If present and different from the Hub runtime user, the supplied
    # user needs to be a sudoer.
    user: hub

  # The Hub's license file.
  # Required: False.
  # If not specified, the Hub will be unlicensed, and some of its features will be limited or disabled.
  licence_file: ~/workspaces/IAF/devops/data/licence.txt

  # TLS/SSL certificates.
  # The Hub uses TLS to encrypt connections to Kafka, Zookeeper, and HTTP traffic. The installer needs to deploy a
  # certificate for the Hub as well as its CA certificate to each node at installation time. For production usage, these
  # certificates must be supplied by customers. For testing purposes, it is possible to install the Hub without
  # supplying certificates. In that case, the installer generates a self-signed CA certificate and uses it 
  # to sign the server certificate used by the Hub.
  # Certificates are deployed to two distinct stores:
  # - A key-store, containing the Hub's certificate and the CA certificate.
  # - A trust-store, containing the CA certificate.
  # Both stores are protected by a password, and access to keys within the stores is also protected by a password.
  tls:

    # Pem file for TLS
    # For production usage: the PEM file containing the Hub's certificate, the Hub's private key, and the CA certificate.
    # Required: False
    # If omitted, a self-signed certificate is generated and deployed instead.
    # pem_file: ~/tmp/tls/hub.pem

    # For test/demo usage: if no PEM file is supplied, the installer generates a CA certificate and uses it to sign
    # the Hub's certificate. If the installer is run several times in a row, its default behaviour is to reuse any
    # existing CA certificate it may already have generated. This is usually the desired behaviour, since a CA
    # certificate needs to be imported by customers into any application wishing to connect to the Hub via HTTPS
    # (Web client, Grafana, etc.). This setting can be used to override the default behaviour and force the creation
    # of a new CA certificate.
    # Required: False
    # Default: true
    reuse_self_signed_ca_certificate: true

    # Pem file password
    # For production usage: the PEM file's password if the supplied PEM file contains an encrypted private key.
    # Required: False
    # If omitted and the supplied PEM file contains an encrypted private key, the installer prompts for a password.
    pem_file_password: pemfilepassword

    # Key store password
    # The password for the Hub's key-store.
    # Required: False
    # If omitted, the installer prompts for a password.
    key_store_password: keystorepassword

    # Trust store password
    # The password for the Hub's trust-store.
    # Required: False
    # If omitted, the installer prompts for a password.
    trust_store_password: truststorepassword

  # Installer verbosity
  # Controls the installer's verbosity. Supported values: [0, 4]
  # Required: False
  # Default: 0
  verbosity: 2

# Hub settings
#
hub:

  # Hub root directory.
  # Required: True
  # Protected: True
  # This must be an existing directory on all destination hosts, and it must be writeable by the runtime user (specified
  # via hub.user). This directory cannot have the noexec flag set.
  # The Hub distribution lives in a directory called "hub-<version>" that is created under this root directory
  # during installation. It is referred to as <hub home> in the rest of this document.
  # Unless configured otherwise, Hub services store their data in sub-directories of a "hub-data" directory that is
  # also created under the root directory. It is referred to as <hub data> in the rest of this document.
  root_dir: /opt/hub

  # Hub temporary directory.
  # Required: False
  # Default: <hub home>/tmp
  # If specified, this must be an existing directory on all destination hosts, it must be writeable by the runtime user
  # (specified via hub.user) and it cannot have the noexec flag set.
  # tmp_dir: /path/to/tmp

  # Hub logs directory.
  # Required: False
  # Default: <hub home>/logs
  # If specified, this must be an existing directory on all destination hosts and it must be writeable by the runtime user
  # (specified via hub.user).
  # logs_dir: /path/to/logs

  # Maximum log file size.
  # Required: False
  # Default: 250 MB
  # This setting applies to log files produced by all Hub services. As soon as a log file reaches that size, the log
  # file is rolled and a new log file is created.
  # The value can either be a plain number of bytes, or of the form <amount> <unit>, where <unit> can be one of: KB, MB, GB.
  # (case insensitive regular expression for the value is as follows: "([0-9]+)\\s*(|kb|mb|gb)s?)
  logs_max_file_size: 10KB

  # Log files history limit per Hub service.
  # Required: False
  # Default: 14
  # This setting applies to log files produced by all Hub services. Log files roll every day or as soon as their size
  # limit is reached. Specifies the period that logs are stored for each service in days, regardless of the actual number
  # of log files (which depends on the size limit set by
  # hub.logs.logs_max_file_size). It is possible for less than that amount of logs to be retained if the total size cap,
  # set by hub.logs.logs_total_size_cap is reached first.
  logs_max_history: 14

  # Maximum amount of logs data retained on disk per Hub service.
  # Required: False
  # Default: 1 GB
  # This setting applies to log files produced by all Hub services.
  # Value can either be a plain number of bytes, or of the form <amount> <unit>, where <unit> can be one of: KB, MB, GB.
  # (case insensitive regular expression for the value is as follows: "([0-9]+)\\s*(|kb|mb|gb)s?)
  logs_total_size_cap: 100KB

  # Hub TLS directory.
  # Stores the Hub's TLS certificates.
  # Required: False
  # Default: <hub home>/tls
  # If specified, this must be an existing directory on all destination hosts, and it must be writeable by the runtime user
  # (specified via hub.user).
  # tls_dir: /path/to/tls

  # Hub runtime user.
  # Required: False
  # Default: hub
  # Protected: True
  # This must be an existing user on all destination hosts. This user does not need to have root privileges. The entire
  # Hub distribution under <hub home> is owned by that user. All Hub processes are run by that user.
  user: hub

  # Hub runtime user's group.
  # Required: False
  # Default: <hub.user>
  # Protected: True
  # This must be an existing group on all destination hosts.
  group: hub

  # Hub runtime settings.
  runtime:

    # Java installation.
    # Required: True
    java_home: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64/jre

  # Hub orchestrationd service settings.
  orchestrationd:

    # JMX API port.
    # Required: False
    # Default: 10974
    jmx_port: 10974

    # Memory limit in MB.
    # Required: False
    # Default: 256
    memory_limit: 256

  # etcd member settings.
  etcd_member:

    # Data directory.
    # Having a dedicated disk to store etcd snapshots helps reduce I/O contention with other services.
    # Required: False
    # Default: <hub data>/etcd-member
    # If specified, this must be an existing empty directory with mode 0700.
    # Protected: True
    # data_dir: /mnt/disk1/hub/data/etcd/data

    # WAL directory. 
    # Having a dedicated disk to store WAL files helps improve etcd's throughput and stabilise the
    # cluster under load.
    # Required: False
    # Default: <hub.etcd_member.data_dir>
    # If specified, this must be an existing empty directory with mode 0700.
    # Protected: True
    # wal_dir: /mnt/disk1/hub/data/etcd/wal

    # Client port.
    # The etcd gateway connects to each etcd cluster member via this port.
    # Required: False
    # Default: 2379
    client_port: 2379

    # Peer port.
    # Each etcd cluster member connects to other cluster members via this port.
    # Required: False
    # Default: 2380
    peer_port: 2380

    # Memory limit in MB.
    # Required: False
    # Default: 2048
    memory_limit: 2048

    # Heartbeat interval in milliseconds for the etcd cluster leader.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Refer to https://etcd.io/docs/v3.4.0/tuning/#time-parameters for details.
    # Required: False
    # Default: 100
    # heartbeat_interval_ms: 100

    # Election timeout in milliseconds for the etcd cluster leader.
    # This is an advanced setting and should only be changed if the default is proven to be too low. At the minimum,
    # this value must be five times <hub.etcd_member.heartbeat_interval_ms>.
    # Refer to https://etcd.io/docs/v3.4.0/tuning/#time-parameters for details.
    # Required: False
    # Default: 1000
    # election_timeout_ms: 1000

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # etcd gateway settings.
  # No memory limit is configurable for ectd gateway because its memory footprint is negligible.
  etcd_gateway:

    # Gateway port.
    # The orchestratord connects to the etcd gateway via this port.
    # Required: False
    # Default: 2378
    port: 2378

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Postgres/Timescale settings.
  # Memory settings for Postgres are automatically calculated by the installer so that Postgres uses as much memory as
  # possible without causing any swapping.
  postgres_timescale:

    # Data directory.
    # Required: False
    # Default: <hub data>/postgres-timescale/pgdata
    # If specified, this must be an existing empty directory.
    # Protected: True
    # data_dir: /mnt/disk1/hub/data/postgres/pgdata

    # Write-ahead log directory.
    # Required: False
    # Default: <hub data>/postgres-timescale/pgwal
    # If specified, this must be an existing empty directory.
    # Protected: True
    # wal_dir: /mnt/disk1/hub/data/postgres/pgwal

    # Postgres client port.
    # Required: False
    # Default: 5432
    port: 5432

    # Postgres database superuser name.
    # Required: False
    # Default: postgres
    # Protected: True
    database_superuser: postgres

    # Postgres database user name.
    # Required: False
    # Default: <hub.user>
    # Protected: True
    database_user: hub

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Zookeeper settings.
  zookeeper:

    # Data directory.
    # Required: False
    # Default: <hub data>/zookeeper/snapshot
    # If specified, this must be an existing empty directory.
    # Protected: True
    # data_dir: /mnt/disk1/hub/data/zookeeper/snapshot

    # Transaction log directory.
    # Required: False
    # Default: <hub data>/zookeeper/transactions
    # If specified, this must be an existing empty directory.
    # Protected: True
    # transaction_log_dir: /mnt/disk1/hub/data/zookeeper/txn

    # Zookeeper client listener port.
    # Required: False
    # Default: 5181
    client_port: 5181

    # Port used by zookeeper cluster members to connect to the leader.
    # Required: False
    # Default: 5188
    leader_port: 5188

    # Port used by zookeeper cluster members for leader elections.
    # Required: False
    # Default: 5189
    leader_election_port: 5189

    # Memory limit in MB.
    # Required: False
    # Default: 1024
    memory_limit: 1024

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Kafka settings.
  kafka:

    # Log directories.
    # Required: False
    # Default: [ <hub data>/kafka/logs ]
    # If specified, these must be existing empty directories.
    # Protected: True
    # log_dirs:
    # - /mnt/disk2/hub/data/kafka/logs
    # - /mnt/disk3/hub/data/kafka/logs

    # Kafka listener port.
    # Required: False
    # Default: 9092
    port: 9092

    # Target replication factor.
    # The actual replication factor is the minimum of this value and the number of cluster nodes.
    # Required: False
    # Default: 3
    # Protected: True
    target_replication_factor: 3

    # Data retention hours.
    # The number of hours Kafka data is retained before it is automatically deleted. Must be strictly positive.
    # Required: False
    # Default: 72
    # Protected: True
    data_retention_hours: 72

    # Memory limit in MB.
    # Required: False
    # Default: 1024
    memory_limit: 1024

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Collection Agent settings.
  collection_agent:

    # Health check port.
    # Required: False
    # Default: 9097
    health_check_port: 9097

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Metrics pipeline store type.
    # Required: False
    # Default: memory
    # Permitted values: 'memory', 'disk'
    metrics_pipeline_store_type: memory

    # Logs pipeline store type.
    # Required: False
    # Default: disk
    # Permitted values: 'memory', 'disk'
    logs_pipeline_store_type: disk

    # Events pipeline store type.
    # Required: False
    # Default: disk
    # Permitted values: 'memory', 'disk'
    events_pipeline_store_type: disk

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Geneos NetProbe settings.
  geneos_netprobe:

    # NetProbe listen port.
    # Required: False
    # Default: 7036
    port: 7036

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub normaliserd settings.
  normaliserd:

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub persistenced settings.
  persistenced:

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub snapshotd settings.
  snapshotd:

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub apid settings.
  apid:

    # REST API port.
    # Required: False
    # Default: 8081
    port: 8081

    # Memory limit in MB.
    # Required: False
    # Default: 2800
    memory_limit: 2800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub gateway-configd settings.
  gateway_configd:

    # Gateway cache directory
    # Required: False
    # Default: <hub.tmp_dir>/gateway-cache
    # If present, this must be an existing directory on all destination hosts, and it must be writeable by the runtime user
    # (specified via hub.user).
    # cache_dir: /path/to/gateway-cache

    # Validation timeout
    # Required: False
    # Default: PT10M (i.e. 10 minutes)
    # The maximum amount of time (as an ISO_8601 duration) to wait for the configuration of an individual Gateway to be
    # validated. Gateway configurations must be validated before any changes can be applied.
    validation_timeout: PT10M

    # Memory limit in MB.
    # Required: False
    # Default: 600
    memory_limit: 600

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Hub publisherd settings.
  publisherd:

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Web console settings.
  webconsole:

    # Web console port. Must not be set to 8080.
    # Required: False
    # Default: 8443
    port: 8443

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60

  # Capacity Planner App settings
  capacity_planner:

    # REST API port.
    # Required: False
    # Default: 9090
    port: 9090

    # Memory limit in MB.
    # Required: False
    # Default: 800
    memory_limit: 800

    # Ready timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 300
    # ready_timeout_s: 600

    # Live timeout in seconds.
    # This is an advanced setting and should only be changed if the default is proven to be too low.
    # Required: False
    # Default: 30
    # live_timeout_s: 60