Page History

When deploying an Aspire cluster in a production environment, resource allocation and security settings becomes very important, as these environments should be configured to be as stable and secure as possible.

Resource Allocation

When deploying Aspire nodes, it is important to correctly size each VM or container running the node as different node type has different resource consumption behaviors.

Even though it can be used on development and testing, on production deployments starting manager and worker capabilities in the same JVM is not supported or recommended. There should be at least one distribution for the worker and one for the manager in different VMs.

Manager nodes

Worker nodes

Security Settings

Create a customized Encryption Key File

...

Secured Access Authentication and Authorization to Aspire Admin UI and REST API

If an engineering team will be managing Aspire, it is recommended to secure access to the UI by using LDAP to control who gets access to certain actions. See Security API for information on the security model and the roles and Ldap Configuration on how to configure it.

Enable HTTPS on Aspire Admin UI and REST API

Custom Keystore and Truststore configuration

...

It is

...

recommended to secure access to Aspire

...

HTTP endpoints with a TLS/SSL certificate (HTTPS), this is important since some requests will contain sensitive information like credentials. See Enable HTTPS for information on this.

Custom Keystore and Truststore configuration

If using HTTPS services (such as Elasticsearch provider, or crawling HTTPS repositories), and you need to trust the CA of those services it is recommended to include a Java Keystore providing the custom trusted certificates. See Crawling via HTTPs

...

.