Configure IWD Data Mart

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual IWD Data Mart Private Edition Guide for version Current of Intelligent Workload Distribution.

Learn how to configure IWD Data Mart.

Early Adopter Program
Genesys Multicloud CX private edition is being released to pre-approved customers as part of the Early Adopter Program. Please note that the documentation and the product are subject to change. For more details about the program, please contact your Genesys representative.

Override Helm chart values

The following table provides information on the IWD Data Mart deployment settings:

Key Type Default Description
image.imagePullSecrets list `[]` imagePullSecrets must have the following format:
- name: pullSecret1
- name: pullSecret2
image.pullPolicy string `"IfNotPresent"` Image pull policy
image.registry string `""` Image registry
image.repository string `""` Image repository
image.tag string `""` Image tag
iwddm.cronjob.schedule string `"*/15 * * * *"` IWDDM cronjob start schedule in cron format
iwddm.cronjob.suspend bool `false` IWDDM suspend: if true, it won't start
iwddm.db.createConfigmap bool `false` Create a config map for db access parameters
iwddm.db.dbname string `nil` IWDDM database name
iwddm.db.host string `nil` IWDDM database hostname
iwddm.db.port int `5432` IWDDM database port
iwddm.db.secret.enabled bool `false` Create IWDDM database secret
iwddm.db.secret.password string `nil` IWDDM database password to put in the secret
iwddm.db.secret.secretName string `nil` IWDDM database secret name
iwddm.db.user string `nil` IWDDM database user
iwddm.env.batchSize int `10000` Events load batch size
iwddm.env.executionChain string `"full"`
iwddm.env.httpProxyUrl string `""` IWDDM will try to connect to IWD using http proxy
iwddm.env.httpsProxyUrl string `""` IWDDM will try to connect to IWD using https proxy
iwddm.env.monitoring.enabled bool `false` Enable push metrics to Pushgateway
iwddm.env.monitoring.pushgateway_url string `""` Since IWDDM is a short living cronjob, it uses Pushgateway for providing metrics
iwddm.env.restUrl string `""` IWD REST endpoint url
iwddm.env.wfm object `{"enabled":false}` Push data to WFM if enabled
iwddm.helmTest.args list `["export PGPASSWORD=${IWDDM_PASSWORD}; psql -c \"select now()\""]` Arguments passed to the helm test command
iwddm.helmTest.command list `["/bin/bash","-c"]` Command for helm test
iwddm.helmTest.image string `"postgres:latest"` Image for helm test
iwddm.labels object `{}` Extra labels
ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
iwddm.nodeSelector object `{}` Node labels for assignment.
ref: https://kubernetes.io/docs/user-guide/node-selection/
iwddm.priorityClassName string `""` Priority Class
ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
iwddm.resources.limits.cpu string `"100m"` IWDDM Kubernetes CPU limit
iwddm.resources.limits.memory string `"160Mi"` IWDDM Kubernetes memory limit
iwddm.resources.requests.cpu string `"50m"` IWDDM Kubernetes CPU request
iwddm.resources.requests.memory string `"128Mi"` IWDDM Kubernetes memory request
iwddm.securityContext object `{}` Security Context
ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
Containers should run as genesys user and cannot use elevated permissions
Note: These options must not be changed unless instructed by Genesys.
iwddm.serviceAccount.create bool `true` Create service account for IWDDM
iwddm.serviceAccount.name string `nil` The name of the ServiceAccount to use.
If not set and create is true, a name is generated using the fullname template
iwddm.tenantId int `1` Tenant short 4-digit ID
iwddm.volumeMounts object `{}` Volumes mounted into an IWDDM container
iwddm.volumes string `nil` Must be declared with starting |- since they are parsed as a template
podAnnotations object `{}` Add annotations to all pods
podLabels object `{}` Add labels to all pods


Configure Kubernetes

ConfigMaps

Not applicable as all required ConfigMaps are created via Helm Chart basing on the provided values.

Secrets

IWD Data Mart requires several secrets to be created.

Create the pull secret

Use the following code snippet as an example of how to create pull secret:

kubectl create secret docker-registry mycred --docker-server=pureengage.jfrog.io --docker-username=<jfrog_username> --docker-password=<API key from jfrog>

You can add mycred to Helm override values by setting image.imagePullSecrets to [ mycred ].

For OpenShift, you may add the mycred secret in current namespace as the default pull secret:
oc secrets link default mycred --for=pull

IWDDM PostgreSQL password

It can be configured in Helm values as shown in the sample:
iwddm:
  db:
    secret:
      enabled: true
      secretName: iwddm-db-secret-0001
      password: somePassword1
  volumes: |-
    - name: iwddm-db-secrets
      secret:
        secretName: iwddm-db-secret-0001
 
  volumeMounts: |-
    - name: iwddm-db-secrets
      readOnly: true
      mountPath: "/mnt/env-file-secrets/db-file-secrets"

IWDDM iWD x-api-key

It must exist before your IWDDM deployment. It must be created with the following format:

IWDDM_API_KEY=value

Sample password creation:

kubectl create secret generic 0001-iwd-secrets \
--from-literal='IWDDM_API_KEY=123456-abcde-4568734'

IWD x-api-key can be configured as shown below:

iwddm:
  volumes: |-
    - name: iwd-secrets
      secret:
        secretName: 0001-iwd-secrets
 
volumeMounts: |-
    - name: iwd-secrets
      readOnly: true
      mountPath: "/mnt/env-file-secrets/iwd-file-secrets"

GIM database password

Create a multi-line secret in the following way:

Create a file, gim-secret.txt with the following text:
IWDDM_GIM_DBUSER=<gim_user>
IWDDM_GIM_PASSWORD=<gim_password>
IWDDM_GIM_URL=jdbc:postgresql://<gim_db_host>:5432/<gim_db_name>

Create a secret from the file:

kubectl create secret generic gim-secrets \
--from-file=gim-secret.txt
Then, mount it using Helm values:
iwddm:
  volumes: |-
    - name: gim-secrets
      secret:
        secretName: gim-secrets
 
volumeMounts: |-
    - name: gim-secrets
      readOnly: true
      mountPath: "/mnt/gim-secrets/gim-secret"


Configure security

IWDDM needs the username and password provided for PostgreSQL access.

Arbitrary UIDs in OpenShift

To use arbitrary UIDs in your OpenShift deployment, ensure the following settings:
securityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0

Configure IWD REST endpoint

IWD REST URL provided for IWDDM in the iwddm.env.restUrl parameter must be:

http://iwd.iwd.svc.cluster.local:4024/iwd/v3

The above endpoint may change depending on the configuration and where IWD is installed. Refer to IWD documentation for information on this endpoint.