Configure the UI
Find details here for the configuration properties of the UI. Properties are defined in the following file:
/etc/wandisco/ui/application-prod.properties
When adding new properties or changing existing values, restart the Data Migrator service.
General configuration
Configure how the UI is run overall.
| Name | Details |
|---|---|
server.port | Set the port on which the UI will be available. This is overridden by the server.ssl.port when TLS is enabled.Default value: 8081Allowed values: An integer value between 1024 and 65535 |
UI logging
The UI configuration file (/etc/wandisco/ui/application-prod.properties) contains the following logging configuration properties:
| Name | Details |
|---|---|
logging.output.path | The output path for all logging. Default value: /var/log/wandisco/uiAllowed values: The full path to a valid directory that is writable by the user running the UI. The user is typically hdfs. |
logging.level.ROOT | The log level. Default value: INFOAllowed values: A valid log level: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, or OFF. |
logging.audit.output.filename | The output filename for the audit log. This will be suffixed with the date in YYYY-MM-DD format.Default value: livedata_ui_auditAllowed values: A valid string. |
logging.audit.days-kept | The amount of days that the audit log will be retained. Default value: 90Allowed values: An integer value for the number of days that logs are kept. |
Configure the log output path for the UI
- Open
/etc/wandisco/ui/application-prod.properties. - Edit the following line, replacing the default path
/var/log/wandisco/uiwith your own. For example:logging.output.path=/your/path/here - Save the change.
- Restart Data Migrator.
Reset admin user password
Reset the admin user's password for Data Migrator by creating a file named reset.password in the UI configuration directory (/etc/wandisco/ui/ by default).
Add the existing email value and a new password value in the file (The password must conform to the same password requirements as the UI) :
email=user@domain.com
password=newPassword
Restart the UI server after the file has been created. When the UI restarts, it updates the password to the value entered in the file, the file is then automatically deleted.
This process cannot be used for users other than the admin. It does not work for the admin user's email address, which cannot be changed.
Security
Basic authentication compatibility
If basic auth is enabled on Data Migrator or Hive Migrator (or both), the following additional steps are required to maintain UI functionality: Update basic auth in the UI
TLS
Configure how the UI uses TLS, which is disabled by default.
| Name | Details |
|---|---|
server.ssl.enabled | Set to true to enable TLS. If no other TLS values are set, this will use an internal keystore and a self-signed certificate to serve the UI.Default value: falseAllowed values: true, false |
server.ssl.port | Set the port on which the UI should be available when TLS is enabled. Default value: 8443Allowed values: An integer value between 1024 and 65535 |
server.ssl.key-store | The path to the key store which should be used instead of the internal default |
server.ssl.key-store-password | The password to be used to access the key store |
server.ssl.key-alias | The alias of the certificate to be used |
server.ssl.key-store-type | Optional: set the key store type. Defaults to PKCS12 |
application.liveMigratorV2.client.noCheckCertificate | Optional: add this property and set the value to true if you want to implicitly trust certificates from remote Data Migrator instances. Default value: false Instead of using this property, we recommend that you import your server certificate into a truststore. |
The example command below will import a certificate file, certificate-file.crt into the Java truststore cacerts:
keytool -importcert -file /etc/wandisco/certificate-file.crt -keystore cacerts -alias key-alias
For more information about parameters, see Oracle's documentation.
Using a custom truststore (UI)
The default SSL keystore configuration for the UI is stored in /etc/wandisco/ui/application-prod.properties:
server.ssl.port=8443
server.ssl.enabled=true
server.ssl.key-store=/etc/wandisco/ui/tls/keystore.p12
server.ssl.key-store-password=password
server.ssl.key-store-type=PKCS12
server.ssl.key-alias=livedata-ui
If you define a custom keystore using these configuration parameters, the truststore will still default to the one in the JAVA home directory.
For more information, see Transport Layer Security (TLS).
Use the following steps to enter a custom truststore:
- Open
/etc/wandisco/ui/vars.envin a text editor. - Add the following line:This UI extra JAVA argument adds the following:
LDUI_EXTRA_JVM_ARGS="-Djavax.net.ssl.trustStore=/etc/wandisco/ui/tls/keystore.p12 -Djavax.net.ssl.trustStorePassword=password"
- Djavax.net.ssl.trustStore - Path to the custom truststore file.
- Djavax.net.ssl.trustStorePassword - The custom truststore password.
- Save the change.
- Restart the UI service. using the command:
systemctl restart livedata-ui
Data Migrator instance
Default Data Migrator instance hostname and port /etc/wandisco/ui/application-prod.properties:
application.liveMigratorV2.servers=localhost\:18080
Directory structure
The following directories are used for the UI:
| Location | Content |
|---|---|
/var/log/wandisco/ui | Logs |
/etc/wandisco/ui | Configuration files |
/opt/wandisco/ui | Operation files |
/var/run/livedata-ui | Runtime files |