Due to the tremendous variation in resource demands of customer applications and available system resources, we cannot provide specific configuration recommendations. However, below are some suggestions that you should consider when planning your configuration. You should test your application under simulated production conditions to validate your configurations prior to deployment.
Performance & Scalability
- Run SERVER as a process pair (use the --backupcpu option).
- Run at least one SWORKER process.
- Start as many SWORKERs as needed according to anticipated load, each in different processors.
- The SERVER process distributes load across available SWORKERs to the SWORKER with the least number of connections
- If large numbers of TCP/IP connections are anticipated, configure multiple --service-ports using separate TCP/IP processes.
- If TMF transactions are being used (by client applications or in API definitions).
- Leave HTTP logging disabled (installation default).
- Use the monitor option where appropriate, to monitor changes to configuration files. See monitor.
- Do not use diagnostic logging in performance sensitive environments unless absolutely necessary.
- Change the default administrator password!
- Use Server Certificates and configure only HTTPS console and service ports.
- Disable TLS v1.0 and v1.1 if possible. See --tls-protocols.
- Use restrictive Access Control Policies.
- Consider an external security appliance or reverse proxy if connected to untrusted networks.
- Maintain separate development and production LightWave Server instances.
- Use the sensitive schema property to avoid disclosing sensitive data in logs. See Sensitive Data Masking.
- Leave the 'lightwave-api-testing-service' disabled (installation default) in production instances.