Difference between revisions of "PEC-REP/Current/GIMPEGuide/ConfigureGIM"
From Genesys Documentation
(Published) |
(Published) |
||
| Line 7: | Line 7: | ||
|sectionHeading=Override Helm chart values | |sectionHeading=Override Helm chart values | ||
|alignment=Vertical | |alignment=Vertical | ||
| − | |structuredtext=Download the gim and gim-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the '''gim-values.yaml''' file to provide deployment-specific values for certain parameters. | + | |structuredtext=Download the gim and gim-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the '''values.yaml''' file (referred to on this page as the '''gim-values.yaml''' file) to provide deployment-specific values for certain parameters. |
For general information about overriding Helm chart values, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Engage Cloud Private Edition Guide}}''. | For general information about overriding Helm chart values, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Engage Cloud Private Edition Guide}}''. | ||
| − | + | If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the '''gim-values.yaml''' file, so that no user or group IDs are specified. For details, see [[{{FULLPAGENAME}}#Security|Configure security]], below. | |
| + | |||
| + | At a minimum, you must override the following key entries in the '''gim-values.yaml''' file: | ||
*<tt>tag</tt> - the container image version | *<tt>tag</tt> - the container image version | ||
| Line 20: | Line 22: | ||
====The gim-values.yaml file==== | ====The gim-values.yaml file==== | ||
| + | The following sample gim-values.yaml file, which may not be completely up to date, shows the key parameter values you must override. | ||
<source lang="bash">replicaCount: 1 | <source lang="bash">replicaCount: 1 | ||
# Add tenant_id and tenant_uuid | # Add tenant_id and tenant_uuid | ||
| Line 81: | Line 84: | ||
}}{{Section | }}{{Section | ||
|sectionHeading=Configure security | |sectionHeading=Configure security | ||
| + | |anchor=Security | ||
|alignment=Vertical | |alignment=Vertical | ||
| − | |structuredtext= | + | |structuredtext=The security context settings define the privilege and access control settings for pods and containers. |
| + | |||
| + | By default, the user and group IDs are set in the '''gim-values.yaml''' file as <tt>500:500:500</tt>, meaning the '''genesys''' user. | ||
| + | <source lang="bash"> | ||
| + | securityContext: | ||
| + | runAsNonRoot: true | ||
| + | runAsUser: 500 | ||
| + | runAsGroup: 500 | ||
| + | fsGroup: 500 | ||
| + | |||
| + | containerSecurityContext: {} | ||
| + | </source> | ||
| + | ===Arbitrary UIDs in OpenShift=== | ||
| + | If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the '''gim-values.yaml''' file, so that you do not define any specific IDs. | ||
| + | |||
| + | <source lang="bash"> | ||
| + | securityContext: | ||
| + | runAsNonRoot: true | ||
| + | runAsUser: null | ||
| + | runAsGroup: 0 | ||
| + | fsGroup: null | ||
| + | |||
| + | containerSecurityContext: {} | ||
| + | </source> | ||
|Status=No | |Status=No | ||
}} | }} | ||
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97 | |PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97 | ||
}} | }} | ||
Revision as of 13:27, September 15, 2021
This topic is part of the manual Genesys Info Mart Private Edition Guide for version Current of Reporting.
Contents
Learn how to configure GIM.
Related documentation:
RSS:
Override Helm chart values
Download the gim and gim-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the values.yaml file (referred to on this page as the gim-values.yaml file) to provide deployment-specific values for certain parameters.
For general information about overriding Helm chart values, see Overriding Helm chart values in the Genesys Engage Cloud Private Edition Guide.
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the gim-values.yaml file, so that no user or group IDs are specified. For details, see Configure security, below.
At a minimum, you must override the following key entries in the gim-values.yaml file:
- tag - the container image version
- tenant_id - the TenantID of the tenant in use
- tenant_uuid - the TenantUUID that matches the TenantID.
- db - the Info Mart ETL database you created as a prerequisite
- bootstrap - the Kafka address to align with the infrastructure Kafka
The gim-values.yaml file
The following sample gim-values.yaml file, which may not be completely up to date, shows the key parameter values you must override.
replicaCount: 1
# Add tenant_id and tenant_uuid
tenant_id: <tenant-id>
tenant_uuid: <tenant-uuid>
image:
registry: pureengage-docker-staging.jfrog.io
repository: gim/etl
pullPolicy: IfNotPresent
tag: <image-version>
#add jfrog details
imagePullSecrets:
pureengage-docker-dev: {}
pureengage-docker-staging: {}
jfrog-stage-credentials: {}
monitoring:
enabled: true
port: 8249
csi_enabled: false
#replaced entire volumes section to align with NFS
volumes: |
- name: kafka-secrets
secret:
secretName: kafka-secrets
- name: gim-secrets
secret:
secretName: gim-secrets
- name: gim-config
configMap:
name: {{ template "fullname" . }}-gim-config
initContainers: ''
extraVolumeMounts: ''
#included shared kafka, change protocol to plaintext
kafka:
bootstrap: 'infra-kafka-cp-kafka.infra.svc.cluster.local:9092'
security:
protocol: plaintext
sasl:
mechanism: PLAIN
#add DB details we created earlier.
db:
jdbcUrl: jdbc:postgresql://{db_hostname}:{{.Values.db.port}}/{db_name}?{db_username}&sslmode=require
name: '<etl-db-name>'
host: 'postgres-rw.infra.svc.cluster.local'
username: '<db-user>'
password: '<db-password>'
port: 5432
XMX: -Xmx900m
dnsConfig:
options:
- name: ndots
value: '3'Configure Kubernetes
Content coming soon
Configure security
The security context settings define the privilege and access control settings for pods and containers.
By default, the user and group IDs are set in the gim-values.yaml file as 500:500:500, meaning the genesys user.
securityContext:
runAsNonRoot: true
runAsUser: 500
runAsGroup: 500
fsGroup: 500
containerSecurityContext: {}Arbitrary UIDs in OpenShift
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the gim-values.yaml file, so that you do not define any specific IDs.
securityContext:
runAsNonRoot: true
runAsUser: null
runAsGroup: 0
fsGroup: null
containerSecurityContext: {}Comments or questions about this documentation? Contact us for support!