Configuration
Kafka resources
Refer to Kpow's Kafka cluster configuration for documentation on how to configure Kafka resources for Factor Platform.
Supported Kafka resources include:
- ksqlDB
- Kafka Connect (Apache Connect, MSK Connect)
- Kafka Streams
- Schema Registry (Confluent, AWS Glue, Apicurio)
Flink resources
Refer to Flex's Flink cluster configuration for documentation on how to configure Kafka resources for Factor Platform.
Supported deployments include:
Factor Platform configuration
For now, you can refer to Kpow's environment variable reference for reference on how to configure Factor Platform's web server, as well as authentication, authorization and tenancy capabilities.
Factor Platform is still in early access.
Future work on dynamic configuration will mean that a lot of Platform configuration currently exposed via environment variables will move to persistent configuration stored in PostgreSQL, and configured through either Factor Platform's user interface or API.
PostgreSQL configuration
Factor Platform persists its configuration and state to a PostgreSQL database.
Prerequisites
Factor Platform requires PostgreSQL >=14.
Factor Platform requires no extensions or manual schema setup. All database migrations run automatically on initialization of the product.
Database preparation
Create a database and user for Factor Platform. If you're using a managed service (e.g. AWS RDS, Google Cloud SQL, Azure Database for PostgreSQL), follow your provider's instructions to create the database and user, then skip to PostgreSQL environment variables
For self-managed PostgreSQL you will need to create both a role and database for Factor Platform:
CREATE ROLE factor_platform WITH LOGIN PASSWORD 'secure-password-here';
CREATE DATABASE factor_platform WITH OWNER factor_platform TEMPLATE template0 ENCODING UTF8 LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';
Ensure the user can connect from the Factor Platform host by configuring pg_hba.conf as appropriate for your network.
Factor Platform configuration
Configure the PostgreSQL connection using the following environment variables:
| Variable | Description | Required | Default |
|---|---|---|---|
| POSTGRES_USER | PostgreSQL username | Yes | - |
| POSTGRES_PASSWORD | PostgreSQL password | Yes | - |
| POSTGRES_DB_NAME | Database name for Factor Platform | No | factor_platform |
| POSTGRES_HOST | PostgreSQL server hostname or IP | Yes | - |
| POSTGRES_PORT | PostgreSQL server port | No | 5432 |
| POSTGRES_SSL | Enable SSL for PostgreSQL connection | No | false |
| POSTGRES_SSLMODE | SSL mode (e.g. disable, prefer, require) | No | prefer |
| POSTGRES_SSLROOTCERT | Path to SSL root certificate | No | - |
| POSTGRES_SSLCERT | Path to SSL client certificate | No | - |
| POSTGRES_SSLKEY | Path to SSL client key | No | - |
| POSTGRES_AWS_WRAPPER | Whether to enable the aws-advanced-jdbc-wrapper if using RDS with IAM authentication | No | false |
Connection notes
Amazon RDS connection notes
Factor Platform supports IAM database authentication for Amazon RDS and Aurora PostgreSQL instances.
Refer to the official AWS documentation to enable IAM authentication and create an IAM policy for Factor Platform.
Setting POSTGRES_AWS_WRAPPER=true configures Factor Platform to use the AWS Advanced JDBC Wrapper with the following defaults:
failover,efm2wrapper plugins for cluster failover and host monitoring- A maximum connection pool lifetime of 10 minutes, ensuring connections are recycled before IAM auth tokens expire
Note: RDS requires SSL connections by default. Set POSTGRES_SSL=true when using the AWS wrapper.
Application name
The connection is established with ApplicationName set to Factor Platform. This can be useful for identifying Factor Platform connections when debugging or monitoring active sessions in PostgreSQL (e.g. via pg_stat_activity).
Database connection over TLS
For connections over a public network, enable TLS by setting the SSL environment variables above. Most managed database providers handle server-side certificate configuration automatically - you'll typically just need to set POSTGRES_SSL=true and POSTGRES_SSLMODE to your desired level (e.g. require or verify-full).
For self-managed PostgreSQL or mutual TLS (mTLS), provide the client certificate paths via POSTGRES_SSLROOTCERT, POSTGRES_SSLCERT, and POSTGRES_SSLKEY.