Configure GIM

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Genesys Info Mart Private Edition Guide for version Current of Reporting.

Learn how to configure GIM.

Override Helm chart values

Download the gim and gim-monitoring Helm charts from JFrog using your credentials. You must override certain parameters in the gim values.yaml file to provide deployment-specific values for certain parameters.

For general information about overriding Helm chart values, see Overriding Helm chart values in the Genesys Multicloud CX Private Edition Guide.

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GIM values.yaml file, so that no user or group IDs are specified. For details, see Configure security, below.

To enable S3-compatible storage for the Data Export packages, see Configure S3-compatible storage, below.

At a minimum, you must override the following key entries in the GIM values.yaml file:

  • image:
    registrythe registry from which Kubernetes will pull images (pureengage-docker-staging.jfrog.io by default)
    tag - the container image version
  • tenant_id - the TenantID of the tenant in use
  • imagePullSecrets:
    pureengage-docker-dev or pureengage-docker-stagingthe secret from which Kubernetes will get credentials to pull the image from the registry
  • kafka:
    bootstrap - the Kafka address to align with the infrastructure Kafka
    password - the Kafka password, if Kafka requires authentication
  • db - the applicable details for the Info Mart ETL database you created (see Create the Info Mart database)

Note: tenant_id and kafka:password (optional) are currently not included in the values.yaml file. Either add these parameters to your customized values.yaml file or else specify them in the command line when you install the Helm chart.

If topic names in your Kafka configuration have been customized, you must also modify the kafka:topic parameter values to match. For more details about the required Kafka topics, see Kafka configuration.

Important
Treat your modified values.yaml file as source code, which you are responsible to maintain so that your overrides are preserved and available for reuse when you upgrade.

Configure Kubernetes

Secrets

GIM requires the following secrets:

  • docker-registry — Credentials to pull the image from the JFrog repository
  • kafka-secrets — Credentials to access Kafka
  • gim-secrets — Credentials to access the Info Mart database
  • s3-storage-secrets — Credentials to access optional S3-compatible storage (for Data Export)

Except for docker-registry, which you must create manually (see the environment setup instructions on Deploy GIM), Helm creates the secrets based on values you specify in the values.yaml file.

Config Maps

Helm creates a number of Config Maps based on option values you specify in the values.yaml file. There are no Config Maps you can configure directly.

Configure security

The security context settings define the privilege and access control settings for pods and containers.

By default, the user and group IDs are set in the GIM values.yaml file as 500:500:500, meaning the genesys user. 

securityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 500

containerSecurityContext: {}

Arbitrary UIDs in OpenShift

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GIM values.yaml file, so that you do not define any specific IDs. 

securityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0
  fsGroup: null

containerSecurityContext: {}

Configure S3-compatible storage

If you are using S3-compatible object storage on OpenShift or GCP to store the Data Export packages, modify the following entries in the values.yaml file:

  • s3_storage_enabled: true
  • s3_storage:
    account:
       accessKeythe access key created when you created the bucket
       secretKeythe secret created when you created the bucket
       regionthe region in which the bucket was created
       entryPointURL to access bucket storage
  • gim_export:
    output_directorythe bucket name

The s3_storage parameters are used to construct the s3_storage_secrets secret.

OpenShift example

gim_export:
  ...
  output_directory:                       "gim-3f7ac1ab-03b9-445b-ba12-137d4bbc3c38"
  ...
s3_storage_enabled: true
s3_storage:
  account:
    accessKey: "<Access Key>"
    secretKey: "<Secret Key>"
    region: "<Region>"
    entrypoint: "s3.openshift-storage.svc"

GKE example

gim_export:
  ...
  output_directory:                       "test-example-bucket-one"
  ...
s3_storage_enabled: true
s3_storage:
  account:
    accessKey: "<Access Key>"
    secretKey: "<Secret Key>"
    region: "<Region>"
    entrypoint: "storage.googleapis.com"
Retrieved from "https://all.docs.genesys.com/PEC-REP/Current/GIMPEGuide/ConfigureGIM (2022-05-27 02:14:21)"