Configure the config.sh file

To configure the config.sh file for installing the application, follow these steps:

Login to the server as a non-root user.
Navigate to the <installation directory>/OFS_MMG/bin directory.

Configure the applicable config.sh attributes as shown here:

Note:

OFS MMG authenticates users by calling OFSAA over REST. You must ensure that the firewall or network rules allow outbound connectivity from the OFS MMG host or ports to the OFSAA host or ports that are used for authentication.

Sample config.sh files:

#!/bin/sh ##

export APPLICATION_NAME=##APPLICATION_NAME##

export WALLET_LOCATION=##WALLET_LOCATION##

export TNS_ADMIN_PATH=##TNS_ADMIN_PATH##

export WALLET_ALIAS=##WALLET_ALIAS## export LOG_HOME=##LOG_HOME##

export FTPSHARE=##FTPSHARE##

##By default, Data Studio is assumed to run on the same server. If it is running on a different host, uncomment the line below and provide the appropriate URL. #export DATASTUDIO_URL=##DATASTUDIO_URL##

export BE_HOSTNAME=##

BE_HOSTNAME##

export BE_PORT=##BE_PORT##

export UI_PORT=##

UI_PORT## export SCHEMA_PORT=##SCHEMA_PORT##

export CONTEXT_PATH=##CONTEXT_PATH##

export STUDIO_AUTH_TYPE=##STUDIO_AUTH_TYPE##

export SSO_TOKEN=##SSO_TOKEN##

export SSL_ENABLED=##SSL_ENABLED##

export SSL_KEYSTORE=##SSL_KEYSTORE##

export SSL_KS_SECRET=##SSL_KS_SECRET##

export SSL_KS_TYPE=##SSL_KS_TYPE##

export SSL_KS_ALIAS=##SSL_KS_ALIAS##

export SESSION_TOKEN_CREDENTIALS=##SESSION_TOKEN_CREDENTIALS##

export FCC_API_USER=##FCC_API_USER##

export MMG_DATASOURCE_MAX_POOL_SIZE=10

export MMG_DATASOURCE_IDLE_TIMEOUT=30000

export MMG_DATASOURCE_CONN_TIMEOUT=80000

export EXT_DATASOURCE_MAX_POOL_SIZE=10

export EXT_DATASOURCE_IDLE_TIMEOUT=30000

export EXT_DATASOURCE_CONN_TIMEOUT=80000

export MMG_HTTP_MAX_CONN=20

export MMG_HTTP_MAX_CONN_PER_ROUTE=2

export MMG_HTTP_CONNECT_TIMEOUT=30000

export MMG_HTTP_READ_TIMEOUT=120000

export APPLICATION_ID=##APPLICATION_ID##

## Properties for MMG-ui

export APPLICATION_FAVICON_PATH=##APPLICATION_FAVICON_PATH##

export UI_AUTH_TYPE=##AUTH_TYPE##

export AAI_AUTH_URL=##AAI_AUTH_URL##

export SAML_IDP_URL=##SAML_IDP_URL##

export SAML_SP_ENTITY=##SAML_SP_ENTITY##

export SAML_SRV_URL=##SAML_SRV_URL##

export SAML_LOGOUT_URL=##SAML_LOGOUT_URL##

export SAML_SIGN_AUTHN_REQ=##SAML_SIGN_AUTHN_REQ##

export SAML_PRIVATE_KEY_PATH=##SAML_PRIVATE_KEY_PATH##

export SAML_SP_X509_CERT_PATH=##SAML_SP_X509_CERT_PATH##

export SAML_SIGN_ALGORITHM=##SAML_SIGN_ALGORITHM##

export AUTH_SAML_REQUEST_TYPE=##AUTH_SAML_REQUEST_TYPE##

export AUTH_SAML_INCLUDE_SP_CERT=##AUTH_SAML_INCLUDE_SP_CERT##

export LDAP_URL=##LDAP_URL##

export LDAP_SEARCH_BASE=##LDAP_SEARCH_BASE##

export LDAP_USER_FILTER=##LDAP_USER_FILTER##

export LDAP_USER_SEARCH_FILTER=##LDAP_USER_SEARCH_FILTER##

export LDAP_GROUP_SEARCH_FILTER=##LDAP_GROUP_SEARCH_FILTER##

export LDAP_GROUP_SEARCH_BASE=##LDAP_GROUP_SEARCH_BASE##

export LDAP_GROUP_MEMBER=##LDAP_GROUP_MEMBER##

## Properties for enabling AAI Authorization. Applicable for SAML/LDAP profiles

## This is disabled by default. Set AAI_AUTHZ_ENABLED to true to enable.

## AAI_AUTH_URL must be set.

export AAI_AUTHZ_ENABLED=##AAI_AUTHZ_ENABLED##

export AAI_CLIENT_ID=##AAI_CLIENT_ID##

export AAI_CLIENT_SECRET=##AAI_CLIENT_SECRET##

export SERVER_COOKIE_DOMAIN=##SERVER_COOKIE_DOMAIN##

export SERVER_COOKIE_NAME=##SERVER_COOKIE_NAME##

export SERVER_COOKIE_TIMEOUT=##SERVER_COOKIE_TIMEOUT##

export SERVER_COOKIE_IS_SECURE=##SERVER_COOKIE_IS_SECURE##

##Properties for MMG-service

export BE_AUTH_TYPE=public

export MMG_PYTHON_INTERPRETER=##MMG_PYTHON_INTERPRETER##

##Properties for MMG-studio

export DATASTUDIO_SCHEMA_WALLET_ALIAS=##DATASTUDIO_SCHEMA_WALLET_ALIAS##

export LOGIN_SHOW=##LOGIN_SHOW##

export SESSION_MODE=##SESSION_MODE##

export STUDIO_REALM=##STUDIO_REALM##

export OFSAA_URL=##OFSAA_URL##

export API_USERS=##API_USERS##

export VALID_ROLES=##VALID_ROLES##

export STUDIO_LOG_LEVEL=##STUDIO_LOG_LEVEL##

export PYTHON_HOME=##PYTHON_HOME##

#Following are spark specific configurations, Leave as it is if not applicable

export MMG_SPARK_ENABLED=##MMG_SPARK_ENABLED## #will be false by default

export SPARK_HOME=##SPARK_HOME## #required if MMG_SPARK_ENABLED is true

export HADOOP_HOME=##HADOOP_HOME## #only needed if running spark with hadoop cluster

export SPARK_MASTER=##SPARK_MASTER## #required if MMG_SPARK_ENABLED is true

export SPARK_DEPLOY_MODE=##SPARK_DEPLOY_MODE## #required if MMG_SPARK_ENABLED is true

export DATASTUDIO_SPARK_INTERPRETER_PORT=##DATASTUDIO_SPARK_INTERPRETER_PORT## #required if MMG_SPARK_ENABLED is true

export R_ENABLED=##R_ENABLED## export R_PYTHON_HOME=##R_PYTHON_HOME##

# Following are fcc services specific configurations, Leave as it is if not applicable

export TEMPLATE_CONFIG_PATH=##TEMPLATE_CONFIG_PATH##

export TEMPLATE_DEFAULT_LINK=##TEMPLATE_DEFAULT_LINK##

export AUTH_SERVICE_URL=##AUTH_SERVICE_URL##

export META_SERVICE_URL=##META_SERVICE_URL##

export ER_SERVICE_URL=##ER_SERVICE_URL##

export BATCH_SERVICE_URL=##BATCH_SERVICE_URL##

export SAML_ISSUER=##SAML_ISSUER##

export SAML_DESTINATION=##SAML_DESTINATION##

export SAML_ASSERTION=##SAML_ASSERTION##

export SAML_ROLE_ATTRIBUTE=##SAML_ROLE_ATTRIBUTE##

export SAML_STUDIO_LOGOUT_URL=##SAML_STUDIO_LOGOUT_URL##

export SAML_COOKIE_DOMAIN=##SAML_COOKIE_DOMAIN##

# Following are pipeline services specific configurations, Leave as it is if not applicable

export DATAPIPELINE_SERVICE_PORT1=##DATAPIPELINE_SERVICE_PORT1##

export DATAPIPELINE_SERVICE_PORT2=##DATAPIPELINE_SERVICE_PORT2##

export DATAPIPELINE_METADATA_ARCHIVE_PATH=##DATAPIPELINE_METADATA_ARCHIVE_PATH##

export DATAPIPELINE_METADATA_IMPORT_SERVICE_PORT=##DATAPIPELINE_METADATA_IMPORT_SERVICE_PORT##

export DATAPIPELINE_ERXMLPATH=##DATAPIPELINE_ERXMLPATH##

export DATAPIPELINE_GATEWAY_SERVICE_PORT=##DATAPIPELINE_GATEWAY_SERVICE_PORT##

export PIPELINE_UI_SERVICE_PORT=##PIPELINE_UI_SERVICE_PORT##

export DATA_PIPELINE_UI_SERVICE_PORT=##DATA_PIPELINE_UI_SERVICE_PORT##

export DATAPIPELINE_HAZELCAST_PORT=##DATAPIPELINE_HAZELCAST_PORT##

#URLS for pipeline,ER and matching service. Leave as it is if not applicable. Will impact the pipeline that could be added to a graph

export MATCHRULE_BASE_URL=##MATCHRULE_BASE_URL##

export LOADGRAPH_BASE_URL=##LOADGRAPH_BASE_URL##

export MATCHSRVC_UI_URL=##MATCHSRVC_UI_URL##

#URLS for index service. Leave as it is if not applicable. Will impact the pipeline that could be added to a graph

export GRAPH_INDEX_BASE_URL=##GRAPH_INDEX_BASE_URL##

export LOADINDEX_UI_URL=##LOADINDEX_UI_URL##

export MATCHING_MECHANISM=##MATCHING_MECHANISM##

export CANDIDATE_SELECTION_SERVICE_URL=##CANDIDATE_SELECTION_SERVICE_URL##

export LOAD_TO_OS_URL=##LOAD_TO_OS_URL## #Changes for auth services + mmg keys export AAI_COOKIE_DOMAIN=##AAI_COOKIE_DOMAIN##

export MMG_KEYS_LOC=##MMG_KEYS_LOC##

#Properties to package Load to Graph (L2G) service inside MMG

## Start of L2G Properties

## export GRAPH_INSTALLATION_PATH=##GRAPH_INSTALLATION_PATH##

export GRAPH_KEYSTORE_PASSWORD=##GRAPH_KEYSTORE_PASSWORD##

export GRAPH_SERVICE_PORT=##GRAPH_SERVICE_PORT##

## Graph schema configurations

export MMG_DB_SERVER_NAME=##MMG_DB_SERVER_NAME##

export MMG_DB_PORT=##MMG_DB_PORT##

export MMG_DB_SERVICE_NAME=##MMG_DB_SERVICE_NAME##

export PGX_SERVER_URLS=##PGX_SERVER_URLS##

#### PGX data memory limits configurations ##

Overall Configuration

export MAX_TOTAL_SHARED_DATA_MEMORY_SIZE=##MAX_TOTAL_SHARED_DATA_MEMORY_SIZE##

export MAX_TOTAL_PRIVATE_DATA_MEMORY_SIZE=##MAX_TOTAL_PRIVATE_DATA_MEMORY_SIZE##

export MAX_PER_SESSION_DATA_MEMORY_SIZE=##MAX_PER_SESSION_DATA_MEMORY_SIZE## ## Role wise data memory limits

export MAX_DATA_MEMORY_SIZE_DSUSRGRP=##MAX_DATA_MEMORY_SIZE_DSUSRGRP##

export MAX_DATA_MEMORY_SIZE_DSBATCH=##MAX_DATA_MEMORY_SIZE_DSBATCH##

export MAX_DATA_MEMORY_SIZE_DSINTER=##MAX_DATA_MEMORY_SIZE_DSINTER##

export MAX_DATA_MEMORY_SIZE_DSAPPROVER=##MAX_DATA_MEMORY_SIZE_DSAPPROVER##

export MAX_DATA_MEMORY_SIZE_DSUSER=##MAX_DATA_MEMORY_SIZE_DSUSER##

export MAX_DATA_MEMORY_SIZE_IHUSRGRP=##MAX_DATA_MEMORY_SIZE_IHUSRGRP##

export GRAPH_SERVICE_CACHE_SERVER_PORT=##GRAPH_SERVICE_CACHE_SERVER_PORT##

#end of Properties configurations for L2G

##Schema details for graph service. This is configured as a temporary/target space for DP to create target tables which will act as input to L2G

export GRAPH_SCHEMA_WALLET_ALIAS=##GRAPH_SCHEMA_WALLET_ALIAS##

export GRAPH_SCHEMA_DB_SCHEMA_NAME=##GRAPH_SCHEMA_DB_SCHEMA_NAME##

#Additional MMG Features

export MMG_MODEL_PIPELINE_SANDBOX_DEFAULT_VIEW=##MMG_MODEL_PIPELINE_SANDBOX_DEFAULT_VIEW##

## The following properties are optional and enabled by default. If needed, you can uncomment them and set them to false.

#export MMG_HTTP2_ENABLED=##MMG_HTTP2_ENABLED##

#export MMG_SERVER_ACCESS_LOG_ENABLED=##MMG_SERVER_ACCESS_LOG_ENABLED##

## The following properties are optional and disabled by default. If needed, you can uncomment them and set them to true.

#export OJET_CDN_ENABLED=##OJET_CDN_ENABLED##

##The following Properties are related to EST export EST_ENABLED=##EST_ENABLED##

export EST_UI_URL=##EST_UI_URL##

export EST_SERVICE_URL=##EST_SERVICE_URL##

export DATACATALOG_SERVICE_URL=##DATACATALOG_SERVICE_URL##

##DEFAULT CONNECTION POOLING CONFIGURATION FOR EXTERNAL SCHEMA (Time in ISO-8601 format)

export GRAPH_EXT_SCHEMA_ENABLE_CP=##GRAPH_EXT_SCHEMA_ENABLE_CP##

export GRAPH_EXT_SCHEMA_CP_MAX_IDLE=##GRAPH_EXT_SCHEMA_CP_MAX_IDLE##

export GRAPH_EXT_SCHEMA_CP_MIN_IDLE=##GRAPH_EXT_SCHEMA_CP_MIN_IDLE##

export GRAPH_EXT_SCHEMA_CP_INITIAL_SIZE=##GRAPH_EXT_SCHEMA_CP_INITIAL_SIZE##

export GRAPH_EXT_SCHEMA_CP_MAX_TOTAL=##GRAPH_EXT_SCHEMA_CP_MAX_TOTAL##

export GRAPH_EXT_SCHEMA_CP_MAX_WAIT_MILLIS=##GRAPH_EXT_SCHEMA_CP_MAX_WAIT_MILLIS##

export GRAPH_EXT_SCHEMA_CP_MIN_EVICTABLE_IDLE_TIME=##GRAPH_EXT_SCHEMA_CP_MIN_EVICTABLE_IDLE_TIME##

export GRAPH_EXT_SCHEMA_CP_SOFT_MIN_EVICTABLE_IDLE_TIME=##GRAPH_EXT_SCHEMA_CP_SOFT_MIN_EVICTABLE_IDLE_TIME##

export GRAPH_DOCUMENT_DOWNLOAD_PATH=##GRAPH_DOCUMENT_DOWNLOAD_PATH##

##Proxy Configurations

export GRAPH_NO_PROXY=##GRAPH_NO_PROXY##

##Data Studio Ports

## Following are the default ports 7008, 7009, 7012,-1. If needed, you can change the port numbers other than the default values.

export DATASTUDIO_SERVER_PORT=##DATASTUDIO_SERVER_PORT##

export DATASTUDIO_MARKDOWN_INTERPRETER_PORT=##DATASTUDIO_MARKDOWN_INTERPRETER_PORT##

export DATASTUDIO_PYTHON_INTERPRETER_PORT=##DATASTUDIO_PYTHON_INTERPRETER_PORT##

export DATASTUDIO_R_INTERPRETER_PORT=##DATASTUDIO_R_INTERPRETER_PORT##

export DATASTUDIO_JDBC_INTERPRETER_PORT=##DATASTUDIO_JDBC_INTERPRETER_PORT##

export DATASTUDIO_PYTHON_INTERPRETER_REST_SERVER_PORT=##DATASTUDIO_PYTHON_INTERPRETER_REST_SERVER_PORT##

DATASTUDIO_PGX_PYTHON_INTERPRETER_REST_SERVER_PORT=##DATASTUDIO_PGX_PYTHON_INTERPRETER_REST_SERVER_PORT##

export DATASTUDIO_THRIFT_EVENT_HANDLER_PORT=##DATASTUDIO_THRIFT_EVENT_HANDLER_PORT##

export DATASTUDIO_PGX_INTERPRETER_PORT=##DATASTUDIO_PGX_INTERPRETER_PORT##

export MMG_COHERENCE_CLUSTER_PORT=##MMG_COHERENCE_CLUSTER_PORT##

##MMG Gateway Configuration

export MMG_GATEWAY_ENABLED=##MMG_GATEWAY_ENABLED##

export MMG_GATEWAY_PORT=##MMG_GATEWAY_PORT##

## If Gateway is enabled, the following property can be set to control the pages where MMG can be embedded:

# Set to 'self' to allow embedding only from the same origin (recommended for most setups).

# Set to 'all' or '*' to allow embedding from any origin. (less secure)

# Set to a comma-separated list of origins to allow embedding from those specified origins and from the same origin.

# By default, this is set to 'self'. export MMG_CSP_FRAME_ANCESTORS=##MMG_CSP_FRAME_ANCESTORS##

# If the Gateway is enabled, this property can be set to control the pages where Data Studio can be embedded:

# Set to '*' to allow embedding from any origin (less secure).

# Set to a comma-separated list of origins to allow embedding from those specified origins and from the same origin.

# By default, this is set to MMG Gateway URL.

# If a load balancer or an external gateway is configured for MMG Gateway, the URL must be included in the list of origins.

export DATASTUDIO_CSP_FRAME_ANCESTORS=##DATASTUDIO_CSP_FRAME_ANCESTORS##

##MMG Model Serving Configuration

export MMG_MODEL_ENDPOINT_RESTART_INTERVAL=##MMG_MODEL_ENDPOINT_RESTART_INTERVAL##

Note:

Gateway is enabled by default and gateway port is mandatory to access gateway enabled UI.

#ENDOFFILE#

Table 5-1 config.sh file

Parameter	Description	Is Mandatory	Comments
Common Properties
##ENB_GRP_SYNC##	This is the Enable Group sync property. When this is set as `TRUE`, then whichever groups have been added in AAI/SAML for that particular user will automatically get reflected in OFS MMG when logged in via that user. If a user has created any group in the OFS MMG application and logs out and then logs in again , the new group that was added will get removed because `ENB_GRP_SYNC` was set as `TRUE`. This means that it will sync groups from AAI/SAML. If `ENB_GRP_SYNC` is set as `FALSE`, then if the user creates groups in the OFS MMG application, logs out and then logs back in, that group will not be removed.	NA	NA
##ENB_CSTM_GRP##	This is the Enable Custom Group. When this is set as `TRUE`, the user can create any custom groups in the OFS MMG application. This must not be deleted when the user logs out and logs back into the application by using that particular user.	NA	NA
##APPLICATION_NAME##	Title of the application; if not replaced, default is : Model Management and Governance.	YES	It defaults to "Model Management and Governance." NOTE: Provide double quotes for the application name if it is long or contains spaces.
##WALLET_LOCATION##	The wallet is the folder containing the sqlnet.ora, wallet.sso, and .p12 files.	YES	/scratch/users/wallet
##TNS_ADMIN_PATH##	The folder that contains the tnsnames.ora file.	YES	/scratch/users/tns
##WALLET_ALIAS##	The wallet alias name configured for the MMG application config schema.	YES	STSA_CONFIG Note: Ensure that you provide the same alias name as provided in the configForEST.sh file.
##LOG_HOME##	A writable folder designated for storing application and MMG Studio logs.	YES	/scratch/users/logs Note: Ensure that log folder is created before installation.
##FTPSHARE##	This can be any writable folder accessible to the process owner.	YES	/scratch/users/ftpshare Ensure that ftpshare folder is created before installation. This should be same as the metadata directory mentioned above.
##DATASTUDIO_URL##	URL for MMG Studio.	YES	By default, Data Studio is assumed to run on the same server. If it is running on a different host, uncomment the line below and provide the appropriate URL. https://<hostname/IP>:7008/<contextpath> NOTE: The default port for MMG Studio is 7008 and should not be modified.
##BE_HOSTNAME##	Hostname on which the backend service (mmg-service) runs. Use the same hostname wherever applicable.	YES	HostIP or FQDN
##BE_PORT##	Port on which the backend service (mmg-service) needs to run.	YES	7002
##UI_PORT##	Port on which UI service (mmg-ui) needs to run.	YES	7001
##SCHEMA_PORT##	Port on which Schema Creator service needs to run.	YES	7003
##CONTEXT_PATH##	Context path of the application.	YES	mmg
##STUDIO_AUTH_TYPE##	FCC_SSO – for SAMLRealm based authentication in FCC Studio MMG_AAI- AAI based authentication for MMG Studio	YES	Can be either MMG_AAI or FCC_SSO
##SSO_TOKEN##	SSO Token value for Studio authentication. Applicable only when STUDIO_AUTH_TYPE is FCC_SSO and MMG_AAI. For FCC_SSO, refer to the Oracle Financial Services Compliance Studio Installation Guide. For MMG_AAI, to create the SSO Token, follow these steps. Locate <MMG_INSTALLATION_PATH>/ OFS_MMG/bin /key-generator.sh and execute it. After successful execution, public key and private key are generated at the following paths: <MMG_INSTALLATION_PATH>/OFS_MMG/conf and <MMG_INSTALLATION_PATH>/OFS_MMG/mmg-studio/conf/ Execute the token-generator.sh file by passing <API_USER> as an argument value. This file is located at the following path: <MMG_INSTALLATION_PATH>/OFS_MMG/bin Example: ./token-generator.sh MMG_API_USER After successful execution, a file named token.out is created inside the same bin directory. The token.out file contains the following content: “Generated JWT Token for MMG_API_USER: <some-long-random-token-value>” Copy the <some-long-random-token-value> part mentioned above and paste it into ##SSO_TOKEN## in the config.sh file. Ensure that there is no space or end line at either the start or end while copying this value into ##SSO_TOKEN##.	YES	Note: SSO token value needs to be regenerated whenever new keys are generated.
##SSL_ENABLED##	This enables HTTPS.	YES	Example: `true`
##SSL_KEYSTORE##	Absolute path for the keystore file. Note: Run the following command to create a keystore: keytool -genkey -v -alias demoalias -keyalg RSA -keysize 2048 -keystore server.keystore -validity 3650 -keypass secret -storepass secret -storetype PKCS12	YES	../conf/server.keystore. Include the file name in the path. NOTE: If ##SSL_ENABLED## is set to false, you must configure keystore for mmg-studio, as it is SSL-enabled by default. MMG application and MMG Studio can share the same SSL configuration if set up on the same server.
##SSL_KS_SECRET##	Keystore secret The value passed in the aforementioned command for -keypass	YES	Example: secret
##SSL_KS_TYPE##	Keystore type The value passed in the aforementioned command for -storetype Can be either JKS or PKCS12	YES	Example: PKCS12
##SSL_KS_ALIAS##	Keystore alias The value passed in the aforementioned command for -alias	YES	Example: demoalias
##SESSION_TOKEN_CREDENTIALS##	The password used to generate the Authorization header token to communicate with mmg-services.	YES	NOTE: If not applicable, enter NA
##FCC_API_USER##	API user for FCC Studio.	YES	NOTE: If not applicable, enter NA
##MMG_DATASOURCE_MAX_POOL_SIZE##	Maximum connection pool size allowed for Config Datasource.	YES	It defaults to 10. You can edit it if required.
##MMG_DATASOURCE_IDLE_TIMEOUT##	Idle timeout for config Datasource.	YES	It defaults to 30000. You can edit it if required.
##MMG_DATASOURCE_CONN_TIMEOUT##	Connection timeout for Config Datasource.	YES	It defaults to 80000. You can edit it if required.
##EXT_DATASOURCE_MAX_POOL_SIZE##	Maximum connection pool size allowed for meta/data schemas.	YES	It defaults to 10. You can edit it if required.
##EXT_DATASOURCE_IDLE_TIMEOUT##	Idle timeout for meta/data schemas.	YES	It defaults to 30000. You can edit it if required.
##EXT_DATASOURCE_CONN_TIMEOUT##	Connection timeout for meta/data schemas.	YES	It defaults to 80000. You can edit it if required.
##MMG_HTTP_MAX_CONN##	The maximum number of connections allowed across all routes.	YES	It defaults to 20.
## MMG_HTTP_MAX_CONN_PER_ROUTE##	The maximum number of HTTP connections allowed for a route.	YES	It defaults to 2.
##MMG_HTTP_CONNECT_TIMEOUT##	The connection timeout for HTTP connection. A timeout value of 0 specifies an infinite timeout.	YES	It defaults to 30000.
##MMG_HTTP_READ_TIMEOUT##	The socket read timeout for HTTP connection. A timeout value of 0 specifies an infinite timeout.	YES	It defaults to 120000.
##APPLICATION_ID##	The id will be stored as app_id and must be the same as mentioned in the APP_ID column of MMG_PATCHES table. Currently the UI displays the MMG Version <version number of application> and last applied MMG version.	YES	The APPLICATION_ID should be without spaces.
Properties for mmg-ui
##APPLICATION_FAVICON_PATH##	Icon for the application. If not specified, it will default to the icon at the following location: `css/images/favicon.ico`	NO	`css/images/favicon.ico`
##UI_AUTH_TYPE##	aai – if using an existing AAI instance as the identity provider. saml – for saml based authentication ldap – for ldap based authentication NOTE: This is case sensitive.	YES	Can be one of the following: aai, or saml or ldap.
##AAI_AUTH_URL##	Base URL of the AAI instance. Will be used for ##UI_AUTH_TYPE## = aai Note: If the target AAI is https, then it is necessary to import the AAI host certificate into the MMG server Java keystore.	YES	http(s)://whfxxxxx.in.oracle.com:7110/mmg
##SAML_IDP_URL##	This is the endpoint on the IDP side where SAML requests are posted. The Service Provider (SP) needs to obtain this information from the Identity Provider (IDP).	YES	http(s)://idcs-xxxx.com/fed/v1/idp/sso This is used only if ##UI_AUTH_TYPE## is SAML.
##SAML_SP_ENTITY##	Enter a globally unique name for SAML entity. It typically takes the URL of an identity provider or a service provider as a value.	YES	http(s)://<UI_HOST>:<UI_PORT>/mmg This is used only if ##UI_AUTH_TYPE## is SAML.
##SAML_SRV_URL##	UI Landing Page URL.	YES	http(s)://<UI_HOST>:<UI_PORT>/mmg/home This is used only if ##UI_AUTH_TYPE## is SAML.
##SAML_LOGOUT_URL##	Initiated SAML Single Logout URL.	YES	http(s)://idcs-xxxx.com/sso/v1/user/logout This is used only if ##UI_AUTH_TYPE## is SAML.
export SAML_SIGN_AUTHN_REQ		YES
export SAML_PRIVATE_KEY_PATH			/scratch/mmg8131/config/sp-privatekey.pem
export SAML_SP_X509_CERT_PATH			/scratch/mmg8131/config/sp-certificate.cer
SAML_SIGN_ALGORITHM	Specifies the XML Digital Signature algorithm URI to be used for signing SAML assertions/requests. The accepted values are: `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` `http://www.w3.org/2000/09/xmldsig#rsa-sha1` Note: Configure this value to match the signing algorithm supported/required by your Identity Provider (IdP).
AUTH_SAML_REQUEST_TYPE	This can be set to REDIRECT (default) /POST.
AUTH_SAML_INCLUDE_SP_CERT	This can be set to True/False (default).
##LDAP_URL##	LDAP URL Will be used for ##UI_AUTH_TYPE## = LDAP	YES	ldap://whf00xyz:3060/
##LDAP_SEARCH_BASE##	LDAP Search Base Will be used for ##UI_AUTH_TYPE## = LDAP	YES	"cn=Users,dc=oracle,dc=com"
##LDAP_USER_FILTER##	LDAP User Filter Will be used for ##UI_AUTH_TYPE## = LDAP	YES	"cn={0}"
#LDAP_USER_SEARCH_FILTER##	LDAP User Search Filter Will be used for ##UI_AUTH_TYPE## = LDAP	YES
##LDAP_GROUP_SEARCH_FILTER##	LDAP Group Search Filter Will be used for ##UI_AUTH_TYPE## = LDAP	YES
##LDAP_GROUP_SEARCH_BASE##	LDAP Group Search Base Will be used for ##UI_AUTH_TYPE## = LDAP	YES
##LDAP_GROUP_MEMBER#	LDAP Group Member Will be used for ##UI_AUTH_TYPE## = LDAP	YES
##AAI_AUTHZ_ENABLED##	This is disabled and is set to False by default. Set AAI_AUTHZ_ENABLED to True to enable.	YES
##AAI_CLIENT_ID##	This is instance name generated via the sysadmn in the OFSAA Application to which the aai_auth_url is pointing to. Create this in the OFSAA application in the location where you had configured the AAI Auth URL. Login as sysadmn in OFSAA From System Configuration, navigate to Configure Instance Access Token. Add a new access token.	YES
##AAI_CLIENT_SECRET##	This is the instant access token.	YES
##SERVER_COOKIE_DOMAIN##	The domain name.	YES	This should be the domain name of the host server. Example: .in.xyz.com Note: If the MMG application is configured with the IP address, then provide the same.
##SERVER_COOKIE_NAME##	The name for the cookie.	YES	If not set it will default to ORA_OLDS_SESSION
##SERVER_COOKIE_TIMEOUT##	Timeout/expiry duration in seconds.	YES	If not set, it defaults to 999999
##SERVER_COOKIE_IS_SECURE##	Specifies if we are using cookies to add an additional security layer to prevent cross-origin requests. Can be either true or false	YES	If not set, it defaults to true.
Properties for mmg-service
##BE_AUTH_TYPE##	Auth Type on which the backend service (mmg-service) runs.	YES	It defaults to public.
##MMG_PYTHON_INTERPRETER##	A comma separated value without whitespaces that specifies python interpreter python,fcc-ml4aml	YES	If not set, it defaults to python.
##DATASTUDIO_SCHEMA_WALLET_ALIAS##	This is the Studio datas ource wallet alias used to build the JDBC URL (`jdbc:oracle:thin:@<alias>`) for `services/mmg-studio/conf/application.yml` and to run the `DATASTUDIO_DATASOURCE_UPDATE` during install.	YES	`bin/install.sh` aborts with `DATASTUDIO_SCHEMA_WALLET_ALIAS not provided` if left as the placeholder. If this is not set, the installation fails before completion and the Studio datasource is not updated.
Properties for mmg-studio
##STUDIO_WALLET_ENABLED##	Set as true when using a wallet for the MMG Studio Schema. Can be either true/TRUE or false/FALSE (all caps or all small)	YES	true/TRUE
##LOGIN_SHOW##	Can be either true/TRUE or false/FALSE (all caps or all small) Note: Set as true when the login screen of Studio is required. This property should be set as true if MMG application is non-SSL.	YES	It defaults to true.
##SESSION_MODE##	Can be either NOTEBOOK or NOTEBOOK_USER.	YES	If not set, it defaults to NOTEBOOK_USER.
##STUDIO_REALM##	Can be either OFSAARealm or saml.OFSAASamlRealm	YES	OFSAARealm – the default realm for studio auth type FCC_AAI, MMG_AAI. .auth.saml.OFSAASamlRealm – for SAML specific studio authentication
##OFSAA_URL##	AAI login IDM Service URL. This is applicable only if ## STUDIO_AUTH_TYPE ## is " MMG_AAI ".	YES	Format: http://<ofsa-web-host>:<port>/<context>/rest-api For example, http://ABC00abc:4325/LLFP/rest-api The /rest-api is mandatory for OFSAA URL.
##API_USERS##	This is the API user with which the token is generated; if not set, it defaults to MMG_API_USER. Note: Use the same <API_USER> as given in the ##SSO_TOKEN##	YES	MMG_API_USER
##VALID_ROLES##	MDLUSR,MDLREV,MDLAPPR The comma separated values for Studio-related roles in USER-ROLE mapping.	YES	MDLBATCHUSR, DSUSRGRP, DSREDACTGRP
##DATASOURCE_URL##	The connection address to the database where the MMG Studio Schema is created. When ##WALLET_ENABLED## is false- jdbc:oracle:thin:@<Host>:<Port>/<Service_Name> When ##WALLET_ENABLED## is true- jdbc:oracle:thin:@<DS ALIAS> where <DS_ALIAS> is the wallet alias configured for the MMG Studio Schema.	YES
##DATASOURCE_USERNAME##	MMG Studio Schema/User name; required only when ##WALLET_ENABLED## is false	YES	dsschema
##DATASOURCE_PASSWORD##	MMG Studio Schema/User Password; required only when ##WALLET_ENABLED## is false	YES	password
##DATASOURCE_DRIVER##	Database Driver used in connection	YES	oracle.jdbc.OracleDriver
##JPA_DB_PLATFORM##	Hibernate Class or SQL Dialect used in Database	YES	org.hibernate.dialect.Oracle12cDialect
##STUDIO_LOG_LEVEL##	Logging level for logs.	YES	info, warn, debug or error logs
##PYTHON_HOME##	Home Path of Python Library. It defaults to python3 during installation. For a custom installation of python3 where the soft link is not configured, you can mention the complete path up to python3.	YES	python3
##MMG_SPARK_ENABLED##	Enables or disables the Spark support for Data Studio and is mapped to the legacy `MMG_SPARK_ENABLED`.	NO	The default value is `false` when not explicitly set to `true` in `bin/initialize-install.sh`. If this has not been set then it is normalized to `false`, and `services/mmg-studio/bin/install.sh` disables the Spark interpreter by forcing `DATASTUDIO_SPARK_INTERPRETER_PORT=-1`.
##SPARK_HOME##	Absolute path of Apache Spark Library.	NO
##HADOOP_HOME##	The hadoop home directory that are passed into the Studio startup/install scripts for Spark-related runtime configuration.	NO	If this is not set, then, no explicit defaulting logic was found. Spark-related runtime behavior depends on how Studio/Spark is configured.
##SPARK_MASTER##	The spark master URL/mode that is written into the Studio Spark interpreter configuration (spark.json).	NO	If this is not set, then, no explicit default was found. `services/mmg-studio/bin/install.sh` has special handling only for `SPARK_DEPLOY_MODE` when master starts with `local`; otherwise Spark config uses the provided value.
##SPARK_DEPLOY_MODE##	Spark deploy mode written into the Studio Spark interpreter configuration (`spark.json`), e.g. client/cluster depending on the Spark setup.	No	No explicit defaultexists. If `SPARK_MASTER` starts with local and deploy mode is still the placeholder, then, `services/mmg-studio/bin/install.sh` clears it to an empty value.
##DATASTUDIO_SPARK_INTERPRETER_PORT##	This is the port that is assigned to the Data Studio Spark remote interpreter server. This is used in the Studio startup/shutdown scripts and written into `spark.json`.	NO	The default value is `-1` and is mapped in `bin/initialize-install.sh`. If this has not been set then the Spark interpreter stays disabled (`-1`); `services/mmg-studio/bin/install.sh` also forces `-1` when Spark is disabled.
##R_ENABLED##	This can be set to TRUE/true or FALSE/false depending on which R interpreter will be started and will be present in the interpreters list. Note: If you are using an older Studio schema with an R-interpreter already present and then install with R_ENABLED set as FALSE; the R- interpreter will remain in the interpreter’s menu of Studio and must be deleted from there.	YES	The default is False.
##RS_CONF_PATH##	Absolute path to Rserve.conf file for running Rserve.	YES	/scratch/users/datastudio/conf/Rserve.conf
##RS_KEYSTORE##	Absolute path for the Keystore file made for Rserve.conf.	YES	/scratch/users/datastudio/conf/rinterpreterkeystore
##RS_KS_SECRET##	Keypass for rinterpreterkeystore.	YES	Example: changeit
##R_PYTHON_HOME##	Python binary/directory used by the Data Studio R interpreter (`R_PYTHON_HOME` / `plainr.json` "Python directory").	NO	If not set, then, no explicit defaulting logic was found. The generated R interpreter config receives the provided value or placeholder, and R interpreter behavior depends on the Studio/R setup.
FCC Services Specific Configurations
##TEMPLATE_CONFIG_PATH##	Configuration path of the Template.	NO
##TEMPLATE_DEFAULT_LINK##	Default link of the template.	NO
##AUTH_SERVICE_URL##	The AUTH service URL that is activated after the fccstudio.sh file runs.	NO	Example: https://<hostname>:7041/authservice
##META_SERVICE_URL##	The metaservice URL that is activated after the fccstudio.sh file runs.	NO	Example: https://<hostname>:7045/metaservice
##ER_SERVICE_URL##	Used for the entity resolution service.	NO	Example: https://<hostname>:<port>
##BATCH_SERVICE_URL##	Used for the batch service.	NO	Example: https://<hostname>:<port>/batchservice
##SAML_ISSUER##	The SAML entity ID (Studio URL) configured in the IDP.	YES	https://<hostname>.xyz.com:7008
##SAML_DESTINATION##	The SAML IDP URL that the Identity Provider provides after creating the SAML application.	YES	https://idcs-xyzgvh.com/fed/v1/idp/sso
##SAML_ASSERTION##	The SAML Consume URL (Studio/URL/saml/consume) that is configured in IDP.	YES	https://<hostname>.xyz.com:7008/saml/consume
##SAML_ROLE_ATTRIBUTE##	The SAML client identifier provided by the SAML Administrator for the role and attributes information while creating the SAML application for MMG Studio. The attribute will contain the role required for the application.	YES	Example: group
##SAML_STUDIO_LOGOUT_URL##	The SAML client identifier provided by the SAML Administrator for the Logout URL information, while creating the SAML application for MMG Studio.	YES	https://idcs-xyzgvh.com/sso/v1/user/logout
##SAML_COOKIE_DOMAIN##	Domain of the server.	YES	Example: in.xyz.com
pipeline services specific configurations
##DATAPIPELINE_SERVICE_PORT1##	The port where the pipeline service resides.	YES	By default, it is set as 18005.
##DATAPIPELINE_SERVICE_PORT2##	The port where the data pipeline service resides.	YES	By default, it is set as 18006.
##DATAPIPELINE_METADATA_ARCHIVE_PATH##	The dump path for the pipeline service.	YES	/OFS_MMG/mmg-pipeline/pipeline/pipeline-service-x.x.x.x.x.
##DATAPIPELINE_METADATA_IMPORT_SERVICE_PORT##	Meta data import service port.	YES	By default, it is set as 18007.
##DATAPIPELINE_ERXMLPATH##	The XML path in which the schema details are stored.	NO
##DATAPIPELINE_GATEWAY_SERVICE_PORT##	Data pipeline gateway service port.	YES
##PIPELINE_UI_SERVICE_PORT##	Pipeline UI service port.	YES
##DATA_PIPELINE_UI_SERVICE_PORT##	Data pipeline UI service port	YES
##DATAPIPELINE_HAZELCAST_PORT##	This is the hazelcast port injected into the pipeline installation config as `PPS_HAZELCAST_PORT` and is used by the pipeline stack for Hazelcast clustering/discovery.	NA	If this is not set, then, no defaulting logic was found in the MMG installer scripts. The downstream pipeline install/runtime behavior would determine a failure.
URLS for pipeline,ER and matching service. Leave as it is if not applicable. Will impact the pipeline that could be added to a graph
##MATCHRULE_BASE_URL##	The host and port where the match rule service resides.	NO	http(s)://abc.in.xyz.com:7051
##LOADGRAPH_BASE_URL##	The host and port where the load graph service resides.	YES	http(s)://abc.in.xyz.com: 7059/graph-service
##MATCHSRVC_UI_URL##	Matching Service UI resource path.	NO
URLs for index service. Leave as it is if not applicable. Will impact the pipeline that could be added to a graph
##GRAPH_INDEX_BASE_URL##	Indicates the Graph Index resource path.	NO	http(s)://<hostname>xyz.com:7053/load-to-elastic-search
##LOADINDEX_UI_URL##	Indicates the Graph Load Index UI resource path.	NO
##MATCHING_MECHANISM##	Indicates the matching mechanism for Entity Resolution and Graph Enter the value that is used for matching mechanism for Entity Resolution and Graph. The options are OS, and OT. Where OS refers to OpenSearch, and OT refers to Candidate Selection with Oracle Text matching. By default, the value of the parameter is OT. For MATCHING_MECHANISM = OT, no additional installation or configuration is required as it is part of the Oracle Database. NOTE: This is applicable for Compliance Studio.	NO
##CANDIDATE_SELECTION_SERVICE_URL##	Enable this service for Entity Resolution and Graph use cases when MATCHING_MECHANISM is set to OT. NOTE: This is applicable for Compliance Studio.	NO
##LOAD_TO_OS_URL##	Provide the URL for Entity Resolution and Graph use cases when MATCHING_MECHANISM is set to OT. NOTE: This is applicable for Compliance Studio.	NO
Changes for Auth Services + MMG Keys
##AAI_COOKIE_DOMAIN##	The domain of the server.	YES	Example: in.xyz.com
##MMG_KEYS_LOC##	Indicates public and private key location.	YES	Example:< MMG Installation Path> /OFS_MMG/conf
Properties to package Load to Graph (L2G) service inside MMG ## Start of L2G Properties ##
##GRAPH_INSTALLATION_PATH##	The installation path of the Graph.	YES	<MMG Installation Path>/ OFS_MMG/mmg-load-to-graph/graph-service
##GRAPH_KEYSTORE_PASSWORD##	Graph Keystore Password.	YES	Password
##GRAPH_SERVICE_PORT##	Graph Service Port	YES	By default, it is set as 7059. You should not modify the Graph Service Port if graphs are already created and executed.
Graph schema configurations
##MMG_DB_SERVER_NAME##	Name of the MMG Database Server.	YES
##MMG_DB_PORT##	The port of the MMG database server.	YES
##MMG_DB_SERVICE_NAME##	Name of the MMG Database Service.	YES
##PGX_SERVER_URLS##	Indicates the pgx server resource path. Skip this if not installing pgx.	YES	http(s)://<hostname>.xyz.com:<pgx port>/<pgx context name>
PGX data memory limits configurations Overall Configuration
##MAX_TOTAL_SHARED_DATA_MEMORY_SIZE##	Maximum total shared data memory size.	YES	Edit if required; default value is 20 GB.
##MAX_TOTAL_PRIVATE_DATA_MEMORY_SIZE##	Maximum total private data memory size.	YES	Edit if required; default value is 8 GB.
##MAX_PER_SESSION_DATA_MEMORY_SIZE##	Maximum per session data memory size.	YES	Edit if required; default value is 700 MB.
Role wise data memory limits
##MAX_DATA_MEMORY_SIZE_DSUSRGRP##	Maximum data memory size allowed for DSUSRGRP.	YES	Edit if required; default value is 10 GB.
##MAX_DATA_MEMORY_SIZE_DSBATCH##	Maximum data memory size allowed for DSBATCH.	YES	Edit if required; default value is 10 GB.
##MAX_DATA_MEMORY_SIZE_DSINTER##	Maximum data memory size allowed for DSINTER.	YES	Edit if required; default value is 5 GB.
##MAX_DATA_MEMORY_SIZE_DSAPPROVER##	Maximum data memory size allowed for DSAPPROVER.	YES	Edit if required; default value is 5 GB.
##MAX_DATA_MEMORY_SIZE_DSUSER##	Maximum data memory size allowed for DSUSER.	YES	Edit if required; default value is 5 GB.
##MAX_DATA_MEMORY_SIZE_IHUSRGRP##	Maximum data memory size allowed for IHUSRGRP.	YES	Edit if required.
##GRAPH_SERVICE_CACHE_SERVER_PORT##	This is the port injected into the load-to-graph `graph-service` configuration as `##GRAPH_SERVICE_CACHE_SERVER_PORT##`; appears to control the graph service cache server listener.	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream `graph-service config/install` behavior would determine the outcome.
end of Properties configurations for L2G Schema details for graph service. This is configured as a temporary/target space for DP to create target tables which will act as input to L2G
##GRAPH_SCHEMA_WALLET_ALIAS##	Wallet alias created for the Graph Schema.	YES
##GRAPH_SCHEMA_DB_SCHEMA_NAME##	Name of the Graph schema.	YES
Additional MMG Features
##MMG_MODEL_PIPELINE_SANDBOX_DEFAULT_VIEW##	This controls the default UI view for the Model Pipeline Sandbox via `mmg.pipeline.sandbox-default-view`; effective values are `canvas` and `notebook`.	NO	The default is `canvas`. If this is not set or is invalid: `services/build-ui/bin/install.sh`changes the value to lowercases and forces it to `canvas` unless the value is exactly `notebook`.
The following properties are optional and enabled by default. If needed, you can uncomment them and set them to false. #export MMG_HTTP2_ENABLED=##MMG_HTTP2_ENABLED## This enables HTTP/2 for the UI, service, and gateway via `server.http2.enabled`. Mandatory: No. By default it is enabled to `true`. If it is not set then, `bin/initialize-install.sh` normalizes any value other than explicit `false` to `true`. #export MMG_SERVER_ACCESS_LOG_ENABLED=##MMG_SERVER_ACCESS_LOG_ENABLED## This enables the Jetty access logs for the UI and service via `server.jetty.accesslog.enabled`. Mandatory: No By default this is enabled to `true`. If this is not set then `bin/initialize-install.sh` normalizes any value other than explicit `false` to `true`. The following properties are optional and disabled by default. If needed, you can uncomment them and set them to true. #export OJET_CDN_ENABLED=##OJET_CDN_ENABLED## The Following Properties are related to EST
##OJET_CDN_ENABLED##	Controls whether the UI loads Oracle JET assets from a CDN via `mmg.ojet-cdn.enabled`.	NO	This is disabled by default (`false`). If it is not set, then, `bin/initialize-install.sh` normalizes any value other than explicit true to `false`.
##EST_ENABLED##	Only used when EST application is integrated with MMG.	YES	The default value is FALSE.
##EST_UI_URL##	The URL of EST application. This is set based on ##EST_ENABLED## property.	NO
##EST_SERVICE_URL##	The Base URL to STSA Backend Application	YES	<HOST_NAME>:<EST_SERVICE_SERVER_PORT>/<EST_SERVER_SERVLET_CONTEXT_PATH>
##DATACATALOG_SERVICE_URL##	Only used when EST application is integrated with MMG.	NO
GRAPH_EXT_SCHEMA_ENABLE_CP	Enables/disables the external schema connection pooling for the graph-service load-to-graph configuration (`EXT_SCHEMA_ENABLE_CP`).	NA	If this has not been set, then, no MMG-side default was found. The generated graph-service config receives whatever value is provided, so the downstream behavior depends on the graph-service defaults/validation.
GRAPH_EXT_SCHEMA_CP_MAX_IDLE	The maximum number of idle connections allowed in the graph-service external schema connection pool (`EXT_SCHEMA_CP_MAX_IDLE`).	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream graph-service pooling configuration determines the effective behavior.
GRAPH_EXT_SCHEMA_CP_MIN_IDLE	Minimum number of idle connections to be retained in the graph-service external schema connection pool (`EXT_SCHEMA_CP_MIN_IDLE`).	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream graph-service pooling configuration determines the effective behavior.
GRAPH_EXT_SCHEMA_CP_INITIAL_SIZE	Initial size of the graph-service external schema connection pool (`EXT_SCHEMA_CP_INITIAL_SIZE`).	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream graph-service pooling configuration determines the effective behavior.
GRAPH_EXT_SCHEMA_CP_MAX_TOTAL	Maximum total connections allowed in the graph-service external schema connection pool (`EXT_SCHEMA_CP_MAX_TOTAL`).	NA	If this is not set, then, no MMG-side defaulting logic was found; downstream graph-service pooling configuration determines effective behavior.
GRAPH_EXT_SCHEMA_CP_MAX_WAIT_MILLIS	Maximum time in milliseconds that graph-service waits for an external schema pooled connection (`EXT_SCHEMA_CP_MAX_WAIT_MILLIS`).	NA	If this is not set, then, no MMG-side defaulting logic was found; downstream graph-service pooling configuration determines effective behavior.
GRAPH_EXT_SCHEMA_CP_MIN_EVICTABLE_IDLE_TIME	Minimum idle time before a connection in the graph-service external schema pool becomes eligible for eviction (`EXT_SCHEMA_CP_MIN_EVICTABLE_IDLE_TIME`).	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream graph-service pooling configuration determines the effective behavior.
GRAPH_EXT_SCHEMA_CP_SOFT_MIN_EVICTABLE_IDLE_TIME	Soft minimum idle time before graph-service may evict connections from the external schema pool while still trying to keep the configured minimum idle count (`EXT_SCHEMA_CP_SOFT_MIN_EVICTABLE_IDLE_TIME`).	NA	If this is not set, then, no MMG-side defaulting logic was found; downstream graph-service pooling configuration determines effective behavior.
GRAPH_DOCUMENT_DOWNLOAD_PATH	Filesystem path injected into graph-service config as `DOCUMENT_DOWNLOAD_PATH`. This appears to be where the graph-related document downloads are stored/read.	NA	If this is not set, then, no MMG-side defaulting logic was found. The downstream graph-service behavior determines whether document download features fail.
GRAPH_NO_PROXY	Proxy bypass list injected into graph-service config as `NO_PROXY`. This is used so that graph-related outbound calls can skip an HTTP proxy for specified hosts/domains.	NA	If this is not set, then, no MMG-side defaulting logic was found. The graph-service/runtime proxy behavior falls back to its own environment or defaults.
Data Studio Ports Following are the default ports 7008, 7009, 7012, -1. If needed, you can change the port numbers other than the default values.
##DATASTUDIO_SERVER_PORT##	The port of the Data Studio server.	NO	The default value is 7008.
##DATASTUDIO_MARKDOWN_INTERPRETER_PORT##	The port of the Data Studio Markdown Interpreter.	NO	The default values are 7009, 7029.
##DATASTUDIO_PYTHON_INTERPRETER_PORT##	The port of the Data Studio Python Interpreter.	NO	The default values are 7012, 7032, 6012.
##DATASTUDIO_R_INTERPRETER_PORT##	The port that is assigned to the Data Studio R remote interpreter server; used in Studio startup/shutdown scripts and is written into `r.json`.	NO	The default value is `-1` and is mapped in `bin/initialize-install.sh`. If this has not been set, then R interpreter stays disabled (`-1`).
##DATASTUDIO_JDBC_INTERPRETER_PORT##	The port of the Data Studio JDBC Interpreter.	NO	The default values are 7011, 7031.
##DATASTUDIO_PYTHON_INTERPRETER_REST_SERVER_PORT##	The port of the Data Studio Python Interpreter Rest server.	NO	The default value is 6012
##DATASTUDIO_PGX_PYTHON_INTERPRETER_REST_SERVER_PORT##	The port of the Data Studio PGX Python Interpreter Rest server.	NO	The default value is 6022
##DATASTUDIO_THRIFT_EVENT_HANDLER_PORT##	The port of the Data Studio Thrift Event handler.	NO	The default value is 8432
##DATASTUDIO_PGX_INTERPRETER_PORT##	The port of the Data Studio PGX Interpreter.	NO	The default value is 7022.
##MMG_COHERENCE_CLUSTER_PORT##	This is the port where the Coherence Cluster for the Notification service runs. By default, this value is 7574.	YES
##MMG Gateway Configuration
##MMG_GATEWAY_ENABLED##	Enables or disables the MMG Gateway. By default, this is set to 'self'. Note: Gateway is enabled by default and gateway port is mandatory to access gateway enabled UI.	YES
##MMG_GATEWAY_PORT##	Specifies the port on which the MMG Gateway will run.	YES
## If Gateway is enabled, the following property can be set to control the pages where MMG can be embedded: # Set to 'self' to allow embedding only from the same origin (recommended for most setups). # Set to 'all' or '*' to allow embedding from any origin. (less secure) # Set to a comma-separated list of origins to allow embedding from those specified origins and from the same origin. # By default, this is set to 'self'.
##MMG_CSP_FRAME_ANCESTORS##	Configure this attribute to all or the AAI or STSA origin when MMG has to be embedded from STSA or AAI. By default, MMG pages cannot be embedded if Gateway is enabled. This is to prevent CLickjacking vulnerability.	YES
# If the Gateway is enabled, this property can be set to control the pages where Data Studio can be embedded: # Set to '*' to allow embedding from any origin (less secure). # Set to a comma-separated list of origins to allow embedding from those specified origins and from the same origin. # By default, this is set to MMG Gateway URL. # If a load balancer or an external gateway is configured for MMG Gateway, the URL must be included in the list of origins.
##DATASTUDIO_CSP_FRAME_ANCESTORS##	If the Gateway is enabled, this property can be set to control the pages where Data Studio can be embedded: Set to '*' to allow embedding from any origin (less secure). Set to a comma-separated list of origins to allow embedding from those specified origins and from the same origin. Note: When specifying multiple origins for DATASTUDIO_CSP_FRAME_ANCESTORS, provide a comma-separated list with no spaces. Spaces after commas may be interpreted as part of the value and can result in incorrect CSP directives being generated in `application.yml`. For Example: Working: export DATASTUDIO_CSP_FRAME_ANCESTORS= [https://localhost.com,https://localhost2.com,https://localhost3.com\|https://localhost.com,https//localhost2.com,https://localhost3.com] or export DATASTUDIO_CSP_FRAME_ANCESTORS='[https://localhost.com,https://localhost2.com,https://localhost2.com \|https://localhost.com,https//localhost2.com,https://localhost2.com]' Not supported (You must not include spaces after commas): export DATASTUDIO_CSP_FRAME_ANCESTORS='[https://localhost.com \|https://localhost.com/], [https://localhost2.com \|https://localhost2.com/], [https://localhost3.com \|https://localhost3.com/]' By default, this is set to MMG Gateway URL.	YES
MMG_MODEL_ENDPOINT_RESTART_INTERVAL	This is a fixed-rate interval, in milliseconds, for periodically restarting model endpoint servers (`ENDPOINT_RESTART_INTERVAL`).	NO	The default value is `43200000` milliseconds (12 hours). If this is not set / blank / non-numeric, then, s`ervices/mmg-service/bin/install.sh` resets it to `43200000`. `ModelCatalogRestService` uses it in `@Scheduled(fixedRateString = "${ENDPOINT_RESTART_INTERVAL}")`.

Note:

If changes are done directly on UI and then restart is done then in that case overwrite will not be triggered so configuration would not change, it is only dependent on file system JSON).

Note:

In case of ##OFSAA_URL## and ##MMG_SVC_URL##, do not add any ending ‘/’ in the URLs
If pool size, connection timeout and idle timeout are not configured, then it will proceed with default Hikari Configurations.
The default session timeout is 3600 seconds (60 mins). You can configure timeout using server.servlet.session.timeout property.
If the AUTH type specified is AAI, make sure the AAI System has appropriate user groups mapped for the users. WKSPADMIN, IDNTYADMN, IDNTYAUTH need minimally to be present for a successful subsequent logins.
The name for MMG Studio cookie is ORA_OLDS_SESSION.
If the ##SSL_ENABLED## is set to false, keystore configuration must be done for mmg-studio as it is SSL enabled by default. MMG application and MMG Studio can use the same SSL configuration if configured in the same server.
The wallet is same for all the MMG services including MMG Studio. So, if you want to use the MMG Studio with wallet configurations, then configure in the same wallet.
If the MMG Studio is remotely configured, then the MMG Application Configuration Schema wallet alias and tnsnames.ora file entries need to be added to the MMG Studio configured wallet and tnsnames.ora file.
If MMG application is Non SSL, set the below property to “false” in the application.yml file inside the MMG Studio and restart the services.
security:

cookies:

secure: false