Configure Workspace Web Edition

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Workspace Web Edition Private Edition Guide for version Current of Agent Desktop.

Learn how to configure Workspace Web Edition.

Override Helm chart values

You can override values in the Helm charts to configure Workspace Web Edition (WWE) by using the --set flag or by creating the values.yaml file. For more information about how to override Helm chart values, see Overriding Helm chart values.

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the values.yaml file, so that no user or group IDs are specified. For details, see the Configure security section, below.

Refer to the Parameters table for a full list of overridable values for WWE.

Parameters
Parameter Description Default Valid Values
wwe.image.registry docker registry pureengage-docker-staging.jfrog.io A valid registry
wwe.image.repository docker repository gws Valid repository in the registry
wwe.image.tag WWE image version 9.0.000.93 Valid version of the WWE image
wwe.image.pullPolicy Image pull policy IfNotPresent Kubernetes pullpolicy: IfNotPresent/Always
wwe.image.imagePullSecrets Image pull secrets [] Array of pull secrets to use to pull from registry
wwe.service.enabled Create k8s service true Boolean
wwe.service.type k8s service type ClusterIP Kubernetes Service Type value
wwe.service.port k8s service port 80 Valid port number
wwe.ingress.enabled enabling ingress false Boolean
wwe.ingress.annotations ingress annotations {} Key/value map of annotations
wwe.ingress.hosts host configurations {} Valid host kubernetes Ingress mapping
wwe.ingress.tls TLS based security enabling {} Valid tls kubernetes Ingress mapping
wwe.resources.limits.cpu Maximum amount of CPU K8s allocates for container "4" Number of milicpu. See k8s doc
wwe.resources.limits.memory Maximum amount of Memory K8s allocates for container 6Gi Bytes allocation
wwe.resources.requests.cpu Guaranteed CPU allocation for container 500m Number
wwe.resources.requests.memory Guaranteed Memory allocation for container 4Gi Bytes allocation
wwe.deployment.strategy k8s deployment strategy {} Kubernetes deployment strategy map
wwe.livenessProbe.httpGet.path liveness prob path /index.html Valid internal pass
wwe.livenessProbe.httpGet.port liveness prob port to use http http
wwe.livenessProbe.initialDelaySeconds liveness prob startup delay 10 Number
wwe.livenessProbe.periodSeconds liveness prob check interval 5 Number
wwe.livenessProbe.failureThreshold liveness prob failure count 3 Number
wwe.livenessProbe.timeoutSeconds liveness prob timeout seconds 5 Number
wwe.readinessProbe.httpGet.path readiness prob path /index.html Valid internal pass
wwe.readinessProbe.httpGet.port readiness prob port to use http http
wwe.readinessProbe.initialDelaySeconds readiness prob startup delay in seconds 10 Number
wwe.readinessProbe.periodSeconds readiness prob check interval in seconds 5 Number
wwe.readinessProbe.failureThreshold readiness prob failure count 3 Number
wwe.readinessProbe.timeoutSeconds readiness prob timeout seconds 5 Number
wwe.priorityClassName k8s priority class name '' Valid priority class
wwe.affinity pod affinity {} Kubernetes Pod affinity map
wwe.nodeselector k8s node selector map {} Kubernetes node selector map
wwe.tolerations pod toleration [] Kubernetes pod tolerations list
wwe.autoscaling.enabled activate auto scaling true Boolean
wwe.autoscaling.targetCPUUtilizationPercentage CPU percentage autoscaling trigger 40 Number
wwe.autoscaling.targetMemoryUtilizationPercentage Memory percentage autoscaling trigger 80 Number
wwe.context.envs.optimizedConfig Activate WWE optimized config false Boolean
wwe.context.envs.gwsUrl Url of GWS API `` Valid GWS API url
grafanaDashboard.enabled Deploy the grafana Dashboard false Boolean
securityContext Pod security context {runAsNonRoot:true,runAsUser:500,runAsGroup:500,fsGroup:500} A Security Context map


Create the values.yaml file

From the following sample file, create the values.yaml file with appropriate overrides for a sample deployment.

Note: ingress should be enabled and set with an appropriate hostname and the value for gwsUrl must be set with the external GWS URL:

context:
  envs:
    optimizedConfig: false
    gwsUrl: 'https://<gws-external-url>'

For example:

namespace: wwe
nameOverride: ""
fullnameOverride: ""
 
securityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 500
 
podLabels: {}
podAnnotations: {}
 
wwe:
  image:
    registry: <docker-repo>
    repository: gws
    name: gws-ui-workspace
    tag:
    pullPolicy: IfNotPresent
    imagePullSecrets: []
  service:
    enabled: true
    type: ClusterIP
    port: 80
  ingress:
    enabled: true
    hosts:
      # Example
       - host: wwe.apps.vce-c0.eps.genesys.com
         paths:
           - path: '/'
             port: 443
    annotations: {}
    #   Example
    #   cert-manager.io/cluster-issuer: letsencrypt-prod-nginx
    #   nginx.ingress.kubernetes.io/ssl-redirect: "false"
    #   kubernetes.io/ingress.class: nginx01-internal
    #   nginx.ingress.kubernetes.io/proxy-body-size: "0"
    tls:
      # Example
       - secretName: ""
         hosts:
           - wwe.apps.vce-c0.eps.genesys.com
  serviceName: wwe
  deployment:
    type: Deployment
    replicaCount: 3
    minReplicas: 1
    maxReplicas: 10
    strategy: {}
  annotations: {}
  livenessProbe:
    httpGet:
      path: /index.html
      port: http
    initialDelaySeconds: 10
    periodSeconds: 5
    failureThreshold: 3
    timeoutSeconds: 5
  readinessProbe:
    httpGet:
      path: /index.html
      port: http
    initialDelaySeconds: 10
    periodSeconds: 5
    failureThreshold: 3
    timeoutSeconds: 5
  context:
    envs:
      optimizedConfig: false
      gwsUrl: 'https://<g
ws-external-url>'
  resources:
    requests:
      cpu: 500m
      memory: 2Gi
    limits:
      cpu: "1"
      memory: 6Gi
  priorityClassName:
  affinity: {}
  nodeSelector:
    genesysengage.com/nodepool:
  tolerations: []
  labels: {}
  autoscaling:
    enabled: true
    targetCPUUtilizationPercentage: 40
    targetMemoryUtilizationPercentage: 80

Configure Kubernetes

There is no specific Kubernetes configuration required for Workspace Web Edition.

Configure security

The security context settings define the privilege and access control settings for pods and containers.

By default, the user and group IDs are set in the values.yaml file as 500:500:500, meaning the genesys user.

securityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 500

Arbitrary UIDs in OpenShift

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the values.yaml file, so that you do not define any specific IDs.

podSecurityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0
  fsGroup: null
 
securityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0