Optional Services

This page covers optional services that extend Timbr’s ontology-based semantic layer.

These services enhance the virtual knowledge graph by adding capabilities such as data virtualization, caching, graph algorithms, and secure credential management, enabling the semantic layer to support advanced analytics, BI, and AI use cases.

For Single Sign-On (SSO) configuration, please see the dedicated SSO documentation:

• Azure AD SSO and Integration
• Google Cloud SSO and Integration
• Okta SSO Integration
• Keycloak JWT Integration

---

Timbr Virtualization Service

In the web platform of timbr, add a new datasource with this specifications:

1. Datasource Type: Apache Spark
   • Click on the Active Virtualization check-box
2. Datasource Name: timbr_virtualization
3. Hostname/IP: <virtualization hostname if applicable> (or use default: timbr-virtualization)
4. Port: <virtualization port if applicable> (or use default: 10000)
5. User: timbr
6. Password: <timbr-db-password>

Important

Hostname/IP value is the hostname in docker/Kubernetes for Timbr virtualization service. Port value is the port in docker/Kubernetes for Timbr virtualization service. Password value is the timbr-db password.

---

Timbr Cache Service

In the web platform of Timbr, add a new datasource with this specifications:

1. Datasource Type: Clickhouse
2. Datasource Name: timbr_cache
3. Hostname/IP: <timbr-cache hostname> (or use default: timbr-cache)
4. port: <timbr-cache port> (or use default: 8123)
5. User: timbr
6. Password: <timbr-db-password>
7. Additional parameters: socket_timeout=21600000&custom_http_params=connect_timeout%3D3600%2Chttp_send_timeout%3D3600%2Chttp_receive_timeout%3D3600%2Chttp_max_tries%3D1%2Cjoin_algorithm%3Dpartial_merge%2Cmax_query_size%3D5000000%2Cmax_rows_in_set_to_optimize_join%3D200000%2Cmax_threads%3D10%2Cmax_final_threads%3D8

Important

Hostname/IP value is the hostname in docker/Kubernetes for Timbr cache service. Port value is the port in docker/Kubernetes for Timbr cache service. Password value is the timbr-db password.

---

Timbr GA (Timbr Graph Algorithms) Service

Timbr graph algorithms can be configure in two ways:

1. Enable graph algorithms to all of the ontologies in Timbr or
2. Enable graph algorithms to a specific ontology in Timbr

• In order to enable graph algorithms to all of the ontologies in Timbr you have to add a new environment variable to the timbr-server service:

  • For Docker Compose Deployment:

    In your docker-compose.yaml add those changes to the timbr-server service:

    services:
      timbr-server:
        # ...
        environment:
          - graph_algorithm_manager_url=http://timbr-ga:12000/execute_algorithm

  • For Kubernetes Deployment:

    In your Timbr server deployment YAML file, configure the following environment variable:

    spec:
      # ...
      template:
        # ...
        spec:
          # ...
          containers:
            - name: timbr-server
              # ...
              env:
                # ...
                - name: graph_algorithm_manager_url
                  value: http://timbr-ga:12000/execute_algorithm

• To enable graph algorithms to a specific ontology in timbr, In the web platform of timbr, open the sqllab tab and run this query:

  alter ontology <ontology_name> set graph_algorithm_manager_url = 'http://timbr-ga:12000/execute_algorithm'

---

How to setup KeyVault (AWS) for datasources credentials

Reference: AWS KMS

By default Timbr encrypts and stores all of your datasource credentials in Timbr's database. You can configure Timbr to encrypt and store your datasource credentials in AWS Key Management Service (KMS) instead.

Important

If you choose to use the KeyVault option, all datasource passwords will be stored in KMS instead of Timbr's database.

AWS Deployment

Docker Compose Deployment

In your docker-compose.yaml add those changes to the timbr-server service:

services:
  # ...
  timbr-server:
    # ...
    environment:
      - KV_VAULT_TYPE=aws
      - KV_VAULT_AUTH_TYPE=password
      - KV_VAULT=<KMS_NAME>
      - KV_VAULT_REGION=<KMS_REGION>
      - AWS_CLIENT_ID=<AWS_CLIENT_ID>
      - AWS_CLIENT_SECRET=<AWS_CLIENT_SECRET>

Kubernetes Deployment

In your Timbr Server deployment YAML file, configure the following environment variables:

spec:
  # ...
  template:
    # ...
    spec:
      # ...
      containers:
        - name: timbr-server
          # ...
          env:
            # ...
            - name: KV_VAULT_TYPE
              value: aws
            - name: KV_VAULT_AUTH_TYPE
              value: password
            - name: KV_VAULT
              value: <KMS_NAME>
            - name: KV_VAULT_REGION
              value: <KMS_REGION>
            - name: AWS_CLIENT_ID
              value: <AWS_CLIENT_ID>
            - name: AWS_CLIENT_SECRET
              value: <AWS_CLIENT_SECRET>

Note

For Azure KeyVault configuration, please refer to the Azure Integration documentation.