Configure BDS

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Billing Data Service Private Edition Guide for version Current of Billing Data Service.

Learn how to configure Billing Data Service (BDS).

Override Helm chart values

You can override values in the Helm charts to configure Private Edition. For more information about overriding Helm chart values, see the "suite-level" documentation about how to override Helm chart values: Overriding Helm chart values

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the values.yaml file, so that no user or group IDs are specified. For more details, see the Configure security section.

This page provides an overview of configuration; detailed steps appear on the Provision BDS and Deploy BDS pages.

The following table lists values you can override for BDS:

Parameter Description Default value Valid values Notes
tenantName Name of Tenant "" lower case string
podLabels.app Label bus string
podLabels.name Labels bds string
nameSpace Namespace where BDS is deployed bds string Leave blank if not used
bdsApp.deployment.job.schedule Cronjob schedule "0 3,15 * * *" Cronjob schedule format
bdsApp.image.registry Image registry name {} string
bdsApp.image.repository Image repository name cloudbilling/ string
bdsApp.image.tag Image tag "" string
bdsApp.image.pullPolicy Image pull Policy IfNotPresent Policy
bdsApp.image.pullSecrets.name Secrets for docker registry "" string Leave blank if not used
bdsApp.container.env.pgValue Prometheus Push Gateway URL. Set to empty string if Push Gateway is not available. "http://prometheus-pushgateway.monitoring.svc.cluster.local:9091/metrics" URL
bdsApp.container.env.modeValue BDS mode type MULTICLOUD string change to MULTICLOUD_PE
bdsApp.volumes.pvc.claim PVC used to mount file share {} string
bdsApp.config.name Name of the config map bds-config string
bdsApp.gvars.name Name of the config map bds-config string
bdsApp.secrets.gvp.secretName GVP shared secret name shared-secret-gvp string or null Leave blank if not used
bdsApp.secrets.gvp.volumes.ProviderClassName Populate if CSI is used "" Leave blank if not used
bdsApp.secrets.gvp.volumes.driver Populate if CSI is used "" Leave blank if not used
bdsApp.secrets.gim.secretName GIM shared secret name shared-gim-db-t string or null Leave blank if not used
bdsApp.secrets.gim.volumes.tenantID Tenant ID is used as part of secret name "" string
bdsApp.secrets.gim.volumes.ProviderClassName Populate if CSI is used "" string or null Leave blank if not used
bdsApp.secrets.gim.volumes.driver Populate if CSI is used "" string or null Leave blank if not used
bdsApp.secrets.consul.secretName Consul shared secret name shared-consul-consul-bds-token string or null Leave blank if not used
bdsApp.secrets.consul.volumes.ProviderClassName Populate if CSI is used "" string or null Leave blank if not used
bdsApp.secrets.consul.volumes.driver Populate if CSI is used "" string or null Leave blank if not used
bdsApp.secrets.gws.secretName GWS shared secret name "" string or null Leave blank if not used
bdsApp.secrets.gws.mount.name GWS secret mount name "" string or null Mandatory if GWS shared secret used
bdsApp.secrets.manual.secretName Manual secrets "" string Mandatory
bdsApp.resources.limits.cpu Maximum CPU count 2 integer
bdsApp.resources.limits.memory Maximum Memory volume 4Gi
bdsApp.resources.requests.cpu Guaranteed amount of CPU 0.25 percent / 100
bdsApp.resources.requests.memory Guaranteed amount of memory 1Gi
bdsApp.priorityClassName "" Leave blank if not used
bdsApp.nodeSelector "" Leave blank if not used
bdsApp.monitoring.enabled Turn on/off monitoring "false" "false" / "true"
bdsApp.secrets.gim.mounts.name Name of the volume mount for GIM secrets, if stored as volume. shared-secret-gim string Must be set to "" or null if manual secrets are used.
bdsApp.secrets.gvp.mounts.name Name of the volume mount for GVP secrets, if stored as volume. shared-secret-gvp string Must be set to "" or null if manual secrets are used.
bdsApp.secrets.consul.mounts.name Name of the volume mount for Consul secrets, if stored as volume. shared-secret-consul string Must be set to "" or null if manual secrets are used.
BDS_OVERRIDE_CFG_FILE The full path and file name of the configuration file. Genesys recommends that you always store the configuration file in a folder that is mapped to the deployment host folder. /genesys/etc/config.json string
BDS_OVERRIDE_ORA_CFG_FILE The full path and file name of the Oracle Net Services profile configuration file (sqlnet.ora). string or null If null, BDS uses the default connection property to connect to the Oracle database. If sqlnet.ora exists, then the default path is /genesys/data/sqlnet.ora
BDS_OVERRIDE_OVERWRITE Allows or denies overwriting of files that were previously generated in the SFTP folder. False False/True
BDS_OVERRIDE_VERIFY_SFTP_FILE Verifies whether the SFTP folder contains any output files. False False/True
BDS_OVERRIDE_RAISE_ERROR_DC_ALIASES configure how BDS handles scenarios where BDS uses a location's dc_aliases list to process a metric, and the list includes a dataset containing a value that is not defined in any tenant location.
  • If True, BDS stops processing the metric and raises the following error: DC aliases in dataset, not configured for customer.
  • If False, BDS continues the transformation which is the default behavior.
False False/True
BDS_OVERRIDE_TMP_FOLDER A folder where BDS temporarily stores intermediate processing results within the Docker container. /tmp string
BDS_OVERRIDE_LOG_LEVEL This value controls how BDS filters information placed in the log file. Valid values: CRITICAL, ERROR, WARNING, INFO, and DEBUG. Genesys recommends that you set the log level to DEBUG, at least initially, to facilitate initial setup and troubleshooting. DEBUG string
BDS_OVERRIDE_SHOW_EXECUTION_PLAN Enable or disable whether the execution plan of a statement can be printed in the execution plan directory. False False/True
BDS_OVERRIDE_EXECUTION_PLAN_DIR A folder where BDS prints the execution plan of a statement within the Docker container. /genesys/log/execution_plan string
BDS_OVERRIDE_CRYPTO_KEY_PATH The folder where BDS stores the encryption tokens and keys used to decrypt and encrypt passwords. /genesys/etc/crypto/key string
BDS_OVERRIDE_LOCAL_DIR_FOR_TOKENS A folder to manage the encryption key tokens within the Docker container. /genesys/etc/tokens string
BDS_OVERRIDE_LOCAL_DIR_PRESHARED_KEY A folder to manage the preshared keys within the Docker container. /genesys/etc/preshared_keys string
BDS_OVERRIDE_DETAILED_REPORT_DIR A folder where BDS generates the detailed reports such as Concurrent seats report, Named usage report, and GVP reports within the Docker container. /genesys/data/reports string
BDS_OVERRIDE_DB_REQUEST_TIMEOUT Configure the timeout period (in hours) for database connections and requests. Applicable only to PostgreSQL and FreeTDS connections to their databases. 7200 integer
BDS_OVERRIDE_ANONYMIZER_SALT Anonymizes the extracted data that contains Personally Identifiable Information (PII) such as name, email ID, and so on, by applying the salt-hashing algorithm. In cryptography, salt is random data that is used as another input to a one-way function that hashes data, a password or passphrase. You can either create random data by yourself or use the same value as given in the example. Note: Genesys doesn't recommend modifying the random data once it's configured and deployed. e6858808-9af7-11ec-b909-0242ac120002 integer
BDS_OVERRIDE_MAX_THREADS Specify the maximum number of threads that can run in a single cronjob activity. 0 integer The default value 0 implies single thread.
BDS_OVERRIDE_MULTICLOUD_EXTRACT_IVR_FILTER When enabled, extracts records based on ivr_usage_profiles. False False/True
DR_location (use with caution) Specify the disaster location in this variable. Warning: Include this variable in the values.yaml file only during emergency or disaster situation in the affected location. Ensure that you remove this variable from the values.yaml file when situations return to normalcy. Not applicable

NOTE: Do not override values other than the parameters mentioned in the preceding table; doing so could cause deployment to fail.

Configure Kubernetes

Configs Layout

Tenant configuration is stored in ConfigMap. Contains BDS configurations files:

data:
  config-<tenant_name>.json: {}

Layout of Secrets:

Shared Secrets:

Create secrets manually using the instructions in Create Secrets.

Genesys Info Mart — Example of GIM configuration section:
"gimdb": {
    "db_type": "postgre",
    "driver_name": "PostgreSQL",
    "server": "BDS_CFG_GLOBALS_GIM_DB_HOST_PLACEHOLDER",
    "port": 5432,
    "database": "BDS_CFG_GLOBALS_GIM_DB_NAME_PLACEHOLDER",
    "username": "BDS_CFG_GLOBALS_GIM_DB_USR_PLACEHOLDER",
    "password": "BDS_CFG_GLOBALS_GIM_DB_PSW_PLACEHOLDER"
}

Install the following PLACEHOLDERs with values as secrets:

BDS_CFG_GLOBALS_GIM_DB_USR_PLACEHOLDER
BDS_CFG_GLOBALS_GIM_DB_PSW_PLACEHOLDER
BDS_CFG_GLOBALS_GIM_DB_HOST_PLACEHOLDER
– add to secrets or replace with value in tenant config file
BDS_CFG_GLOBALS_GIM_DB_NAME_PLACEHOLDER
– add to secrets or replace with value in tenant config file
GVP — Example of GVP configuration section :
"gvp": {
    "gvp_primary_rs_name": "GVP",
    "db_type": "sql_server",
    "driver_name": "FreeTDS",
    "server": "BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_HOST_PLACEHOLDER",
    "port": 1433,
    "database": "BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_NAME_PLACEHOLDER",
    "username": "BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_USR_PLACEHOLDER",
    "password": "BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_PSW_PLACEHOLDER"
}

Install the following PLACEHOLDERs with values as secrets:

BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_USR_PLACEHOLDER
BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_PSW_PLACEHOLDER
BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_HOST_PLACEHOLDER
– add to secrets or replace with value in tenant config file
BDS_CFG_GLOBALS_GVP_DB_PL_WESTUS2_NAME_PLACEHOLDER
– add to secrets or replace with value in tenant config file
Consul — Example of Consul configuration section :
"consul": {
    "token": "BDS_CFG_CONSUL_TOKEN_PLACEHOLDER",
    "url_api": "BDS_CFG_CONSUL_URL_API_PLACEHOLDER"
}
Important
Beginning with 100.0.003.0009 release, the url_api parameter must include the api version and key value endpoint.
For example: https://consul.genesys.svc.cluster.local:8501/v1/kv

Install the following PLACEHOLDERs with values as secrets:

BDS_CFG_CONSUL_TOKEN_PLACEHOLDER

Manual secrets:

Secrets created manually. Values pulled from shared key-vault or added manually.

Assigned to POD as environment variables.

GWS

Client ID and Secret to access AUTH service.

Values assigned manually.

BDS_CFG_BDS_DEV_GWS_CLIENTID_PLACEHOLDER
BDS_CFG_BDS_DEV_GWS_CLIENT_SECRET_PLACEHOLDER

Configuration example:

"gws": {
   "host": "BDS_CFG_GWS_HOST_PLACEHOLDER",
    "auth_host": "BDS_CFG_GWS_AUTH_HOST_PLACEHOLDER",
    "grant_type": "client_credentials",
    "client_id": "BDS_CFG_GLOBALS_GWS_USR_PLACEHOLDER",
    "client_secret": "BDS_CFG_GLOBALS_GWS_PSW_PLACEHOLDER"
}
SFTP

BDS automatically uploads the resulting output files at the end of job runs, to the SFTP server. You can configure the SFTP server details in the loader_sftp section.

An example SFTP configuration section is as follows. In the example, the values for hostname and hostkey corresponds to the Genesys SFTP server. You can use the same values to configure the Genesys SFTP server for uploading BDS files.

"loader_sftp": {
	"hostname": "BDS_CFG_SFTP_HOST_PLACEHOLDER",
	"hostkey": "ssh-rsa SHA256:gT7Aa37+yTnd6mwv6Nl01E44u2o2TYxlL/iPgA2T2wc",
	"path": "BDS_CFG_SFTP_PATH_PLACEHOLDER",
	"username": "BDS_CFG_LEGACY_GLOBALS_SFTP_USR_PLACEHOLDER",
	"password": "BDS_CFG_LEGACY_GLOBALS_SFTP_PSW_PLACEHOLDER"
}
GVP

Manually obtained GVP secrets to get BD DB access from secondary region (used if secondary region exists).

BDS_CFG_GLOBALS_GVP_DB_WESTUS2_USR_PLACEHOLDER
BDS_CFG_GLOBALS_GVP_DB_WESTUS2_PSW_PLACEHOLDER
BDS_CFG_GLOBALS_GVP_DB_WESTUS2_HOST_PLACEHOLDER
BDS_CFG_GLOBALS_GVP_DB_WESTUS2_NAME_PLACEHOLDER

Configure security

Example of SFTP configuration section:

"loader_sftp": {
	"hostname": "BDS_CFG_SFTP_HOST_PLACEHOLDER",
	"hostkey": "ssh-rsa SHA256:gT7Aa37+yTnd6mwv6Nl01E44u2o2TYxlL/iPgA2T2wc",
	"path": "BDS_CFG_SFTP_PATH_PLACEHOLDER",
	"username": "BDS_CFG_LEGACY_GLOBALS_SFTP_USR_PLACEHOLDER",
	"password": "BDS_CFG_LEGACY_GLOBALS_SFTP_PSW_PLACEHOLDER"
}

Pod security policy:

By default, BDS defines a user/group for running the process in the POD, as follows:

securityContext:
    # Containers should run as genesys user and cannot use elevated permissions
   runAsNonRoot: true
   runAsUser: 500
   runAsGroup: 500
   fsGroup: 500

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings as shown in the following code, so that you do not define any specific IDs.

securityContext:
  runAsNonRoot: true
  runAsGroup: null
  runAsUser: null
  fsGroup: null


Retrieved from "https://all.docs.genesys.com/BDS/Current/BDSPEGuide/Configure (2023-01-29 06:59:03)"
Comments or questions about this documentation? Contact us for support!