Difference between revisions of "TLM/Current/TLMPEGuide/Configure"

From Genesys Documentation
Jump to: navigation, search
(Published)
 
(5 intermediate revisions by 2 users not shown)
Line 13: Line 13:
 
}}{{Section
 
}}{{Section
 
|sectionHeading=Override Helm chart values
 
|sectionHeading=Override Helm chart values
 +
|anchor=override
 
|alignment=Vertical
 
|alignment=Vertical
|structuredtext={{{!}} class="wikitable"
+
|structuredtext={{{!}} class="wikitable"  
{{!}}+
+
{{!}}-
 
!Parameter
 
!Parameter
 
!Description
 
!Description
 
!Default
 
!Default
 
!Valid values
 
!Valid values
 +
{{!}}-
 +
{{!}}serviceMonitoringAnnotations.enabled
 +
{{!}}Activation of Prometheus monitoring annotations on service.
 +
{{!}}true
 +
{{!}}
 +
{{!}}-
 +
{{!}}podDisruptionBudget.enabled
 +
{{!}}Activation of pod disruption.
 +
{{!}}true
 +
{{!}}
 +
{{!}}-
 +
{{!}}enableServiceLinks
 +
{{!}}Enable service links in single namespace environment.
 +
{{!}}false
 +
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.replicaCount
 
{{!}}tlm.replicaCount
{{!}}Number of replicas
+
{{!}}Number of replicas.
 
{{!}}2
 
{{!}}2
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.image.registry
 
{{!}}tlm.image.registry
{{!}}docker registry
+
{{!}}docker registry.
 
{{!}}pureengage-docker-staging.jfrog.io
 
{{!}}pureengage-docker-staging.jfrog.io
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.image.repository
 
{{!}}tlm.image.repository
{{!}}docker repository
+
{{!}}docker registry.
{{!}}telemetry
+
{{!}}Telemetry
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.image.tag
 
{{!}}tlm.image.tag
{{!}}WWE image version
+
{{!}}WWE image version.
{{!}}``
+
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.image.pullPolicy
 
{{!}}tlm.image.pullPolicy
{{!}}Image pull policy
+
{{!}}Image pull policy.
 
{{!}}IfNotPresent
 
{{!}}IfNotPresent
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.image.imagePullSecrets
 
{{!}}tlm.image.imagePullSecrets
{{!}}Image pull secrets
+
{{!}}Image pull secrets.
 
{{!}}[]
 
{{!}}[]
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.service.type
 
{{!}}tlm.service.type
{{!}}k8s service type
+
{{!}}k8s service type.
 
{{!}}ClusterIP
 
{{!}}ClusterIP
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.service.port_external
 
{{!}}tlm.service.port_external
{{!}}k8s service port external (for customer facing)
+
{{!}}k8s service port external (for customer facing).
 
{{!}}8107
 
{{!}}8107
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.service.port_internal
 
{{!}}tlm.service.port_internal
{{!}}k8s service port internal (for metric scrapping endpoint)
+
{{!}}k8s service port internal (for metric scrapping endpoint).
 
{{!}}9107
 
{{!}}9107
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.ingress
 
{{!}}tlm.ingress
{{!}}Ingress configuration block. See #Ingress
+
{{!}}Ingress configuration block. See #Ingress.
 
{{!}}{enabled:false}
 
{{!}}{enabled:false}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.resources.limits.cpu
 
{{!}}tlm.resources.limits.cpu
{{!}}Maximum amount of CPU K8s allocates for container
+
{{!}}Maximum amount of CPU K8s allocates for container.
 
{{!}}750m
 
{{!}}750m
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.resources.limits.memory
 
{{!}}tlm.resources.limits.memory
{{!}}Maximum amount of Memory K8s allocates for container
+
{{!}}Maximum amount of Memory K8s allocates for container.
 
{{!}}1400Mi
 
{{!}}1400Mi
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.resources.requests.cpu
 
{{!}}tlm.resources.requests.cpu
{{!}}Guaranteed CPU allocation for container
+
{{!}}Guaranteed CPU allocation for container.
 
{{!}}750m
 
{{!}}750m
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.resources.requests.memory
 
{{!}}tlm.resources.requests.memory
{{!}}Guaranteed Memory allocation for container
+
{{!}}Guaranteed Memory allocation for container.
 
{{!}}1400Mi
 
{{!}}1400Mi
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.deployment.strategy
 
{{!}}tlm.deployment.strategy
{{!}}k8s deployment strategy
+
{{!}}k8s deployment strategy.
 
{{!}}{}
 
{{!}}{}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.priorityClassName
 
{{!}}tlm.priorityClassName
{{!}}k8s priority classname
+
{{!}}k8s priority classname.
{{!}}genesysengage-high-priority
+
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.affinity
 
{{!}}tlm.affinity
{{!}}pod affinity
+
{{!}}pod affinity.
 
{{!}}{}
 
{{!}}{}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.nodeselector
 
{{!}}tlm.nodeselector
{{!}}k8s nodeselector map
+
{{!}}k8s nodeselector map.
 
{{!}}{ genesysengage.com/nodepool: general }
 
{{!}}{ genesysengage.com/nodepool: general }
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.tolerations
 
{{!}}tlm.tolerations
{{!}}pod toleration
+
{{!}}pod toleration.
 
{{!}}[]
 
{{!}}[]
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.annotations
 
{{!}}tlm.annotations
{{!}}pod annotations
+
{{!}}pod annotations.
 
{{!}}[]
 
{{!}}[]
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.autoscaling.enabled
 
{{!}}tlm.autoscaling.enabled
{{!}}activate auto scaling
+
{{!}}activate auto scaling.
 
{{!}}true
 
{{!}}true
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.autoscaling.targetCPUPercent
 
{{!}}tlm.autoscaling.targetCPUPercent
{{!}}CPU percentage autoscaling trigger
+
{{!}}CPU percentage autoscaling trigger.
 
{{!}}40
 
{{!}}40
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.autoscaling.minReplicas
 
{{!}}tlm.autoscaling.minReplicas
{{!}}Minimum number of replicas
+
{{!}}Minimum number of replicas.
 
{{!}}2
 
{{!}}2
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.autoscaling.maxReplicas
 
{{!}}tlm.autoscaling.maxReplicas
{{!}}Maximum number of replicas
+
{{!}}Maximum number of replicas.
 
{{!}}10
 
{{!}}10
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.secrets.name_override
 
{{!}}tlm.secrets.name_override
{{!}}Name override of the secret to target
+
{{!}}Name override of the secret to target.
{{!}}``
+
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.secrets.TELEMETRY_AUTH_CLIENT_SECRET
 
{{!}}tlm.secrets.TELEMETRY_AUTH_CLIENT_SECRET
{{!}}GAuth client Secret value
+
{{!}}GAuth client Secret value.
{{!}}``
+
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.context.envs.*
 
{{!}}tlm.context.envs.*
{{!}}Environment variables for Telemetry Service. Please refer to TLM service documentation
+
{{!}}Environment variables for Telemetry Service. Please refer to TLM service documentation.
{{!}}``
+
{{!}}
 
{{!}}
 
{{!}}
 +
{{!}}}
 +
 +
<hr />
 +
You can modify the configuration to suit your environment by two methods:
 +
 +
*Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,
 +
*:<pre>helm install telemetry-service.tgz --set tlm.replicaCount 4</pre>
 +
*Specify the parameters to be modified in a '''values.yaml''' file.
 +
*:<pre>helm install --name tlm -f values.yaml telemetry-service.tgz</pre>
 +
|Status=No
 +
}}{{Section
 +
|sectionHeading=Configure security
 +
|alignment=Vertical
 +
|structuredtext=To learn more about how security is configured for private edition, be sure to read the {{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|topic=Prerequisites|display text=Permissions}} and {{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|topic=ConfigSecurity}} topics in the ''Setting up Genesys Multicloud CX Private Edition'' guide.
 +
 +
The security context settings define the privilege and access control settings for pods and containers.
 +
 +
By default, the user and group IDs are set in the '''values.yaml''' file as <code>500:500:500</code>, meaning the '''genesys''' user.<syntaxhighlight>
 +
optional:
 +
  securityContext:
 +
    runAsUser: 500
 +
    runAsGroup: 500
 +
    fsGroup: 500
 +
    runAsNonRoot: true
 +
</syntaxhighlight>
 +
<!--
 +
===Arbitrary UIDs in OpenShift===
 +
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the '''values.yaml''' file, so that you do not define any specific IDs.<syntaxhighlight>
 +
optional:
 +
  securityContext:
 +
    runAsUser: null
 +
    runAsGroup: 0
 +
    fsGroup: null
 +
    runAsNonRoot: true
 +
</syntaxhighlight><br />
 +
-->
 +
|Status=No
 +
}}{{Section
 +
|sectionHeading=Environment variables
 +
|anchor=en-var
 +
|alignment=Vertical
 +
|structuredtext=<br />
 +
{{{!}} class="wikitable"
 +
{{!}}+
 +
!Parameter
 +
!Description
 +
!Default
 +
!Valid values
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.context.envs.TELEMETRY_AUTH_CLIENT_ID
 
{{!}}tlm.context.envs.TELEMETRY_AUTH_CLIENT_ID
{{!}}GAuth client ID value
+
{{!}}GAuth client ID value.
 
{{!}}telemetry_client
 
{{!}}telemetry_client
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}tlm.context.envs.TELEMETRY_CLOUD_PROVIDER
 
{{!}}tlm.context.envs.TELEMETRY_CLOUD_PROVIDER
{{!}}Specify the mode how telemetry service should be executed: Possible values aws / azure / openshift
+
{{!}}Specify the mode how telemetry service should be executed: Possible values aws / azure .
{{!}}``
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_SERVICES_AUTH (mandatory)
 
{{!}}URL of the GWS Auth public API
 
 
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
{{!}}TELEMETRY_SERVICES_ES
+
{{!}}TELEMETRY_SERVICES_AUTH
{{!}}URL of the Elastic Search endpoint.
+
{{!}}URL of the GWS Auth public API. This is a mandatory field.
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_API_STRICT
 
{{!}}Define if the API accepts additional properties  in payload. To disable strict mode, set it to 0.
 
{{!}}
 
 
{{!}}
 
{{!}}
 +
{{!}}<nowiki>http://gws-core-auth:8095</nowiki>
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_AUTH_CLIENT_ID
 
{{!}}TELEMETRY_AUTH_CLIENT_ID
{{!}}Client ID that is used to authenticate with   auth service
+
{{!}}The Client ID that is used to authenticate with GWS Auth service.
{{!}}
+
{{!}}telemetry_client
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_AUTH_CLIENT_SECRET
 
{{!}}Client secret that is used to authenticate with  auth service
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_HTTPS_ENABLED
 
{{!}}If set to true session cookie will use secure  mode. If set to false, it will use insecure cookies. If set to auto, it will  set secure flag of cookie based on x-forwarded-proto or values in  TELEMETRY_HTTPS_CUSTOM_HEADERS if set.
 
{{!}}auto
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_HTTPS_CUSTOM_HEADERS
 
{{!}}If set, and TELEMETRY_HTTPS_ENABLED is set to  auto mode, it will check the comma-separated list of custom headers here to  see if it's http or https to determine the secure flag of cookie.
 
{{!}}x-forwarded-scheme
 
{{!}}
 
{{!}}-
 
{{!}}DEV_MODE
 
{{!}}Activate when set to 1. Display more relevant  information in the console. Also set the logger level to more verbose.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_BENCH_MODE
 
{{!}}Activate when set to 1. For development  purpose. This will skip the OAuth validation and will create a session for  the user even if the exchange token is wrong.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_ES_MOCK_MODE
 
{{!}}Activate when set to 1. For development  purposes. This will create a mock ES client, skipping the ElasticSearch API  calls.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_ES_RESOLVE_BULKS
 
{{!}}For use in conjunction with  TELEMETRY_ES_MOCK_MODE. If set to 1, the mock ES client bulk requests will be  resolved. If set to 0, they will be rejected.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}APP_LOG_LEVEL
 
{{!}}default: info Log level of the API
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}API_LOG_LEVEL
 
{{!}}default: warn Log level of the framework  (similar to access logs)
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_ENCRYPTION_KEY
 
{{!}}Encryption key for the session cookie
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CORS_HOST
 
{{!}}Host to be supported by CORS. They can be comma-separated values.
 
{{!}}
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_CORS_DOMAIN
 
{{!}}TELEMETRY_CORS_DOMAIN
{{!}}Domains to be supported by CORS. They can be comma-separated values.
+
{{!}}Domains to be supported by CORS. This can a comma separated list.{{NoteFormat|Add a `\` before `.` for regex matching. eg: `\.genesyslab\.com` (another `\` should be added when using quotes).|}}
 
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_TRACES_PROVIDER
 
{{!}}TELEMETRY_TRACES_PROVIDER
{{!}}The trace provider to use can be Elasticsearch or Console.
+
{{!}}The trace provider to use can be `ElasticSearch` or `Console`.
{{!}}Elasticsearch
+
{{!}}ElasticSearch
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_TRACES_BULK_SIZE
 
{{!}}The maximum number or entries in a bulk request to Elasticsearch.
 
{{!}}10000
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_TRACES_BULK_TIME
 
{{!}}The maximum time (in minutes) between 2 bulk requests jobs to Elasticsearch.
 
{{!}}1
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
Line 269: Line 258:
 
{{!}}The maximum buffer entries for Elasticsearch service.
 
{{!}}The maximum buffer entries for Elasticsearch service.
 
{{!}}400000
 
{{!}}400000
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_TRACES_SHIFT_THRESHOLD
 
{{!}}The maximum number of shift before setting the Elasticsearch service as unhealthy.
 
{{!}}50000
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_AUTH_MIN_INTERVAL
 
{{!}}The minimum time between 2 authentications. The client will receive a HTTP 429 return code if a request comes in within this interval.
 
{{!}}1
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_RECORD_MIN_INTERVAL
 
{{!}}The minimum time between 2 record entries. The client will receive a HTTP 429 return code if a request comes in within this interval.
 
{{!}}1
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_MAX_SESSION
 
{{!}}The maximum active sessions handled by the service. Once the limit is reached, a new authentication will receive HTTP 503 code.
 
{{!}}10000
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_SERVICE
 
{{!}}TELEMETRY_CONFIG_SERVICE
{{!}}Data source to fetch configurations. Possible   values : s3 &#124; premisefs &#124; env.
+
{{!}}The data source to fetch configuration information. Possible values : s3, azure, env, or an empty string.
{{!}}none
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_PATH
 
{{!}}The internal path to the config folder in config provider
 
 
{{!}}none
 
{{!}}none
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
{{!}}TELEMETRY_CONFIG_TIMER
+
{{!}}TELEMETRY_CONFIG_SERVICE_CORS
{{!}}The time period between each configuration fetch in minutes.
+
{{!}}This overrides data source to fetch CORS configurations. Possible values : Same value as `TELEMETRY_CONFIG_SERVICE` or `environmentservice` for using the environment-service API (Uses the `TELEMETRY_SERVICES_ENVIRONMENT` variable).
{{!}}15
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_PREMISE_PATH
 
{{!}}The filesystem path for config folder. This can  be combined with TELEMETRY_CONFIG_PATH.
 
 
{{!}}none
 
{{!}}none
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_BUCKET
 
{{!}}Specify the S3 bucket to load service configurations
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_EVENT_MONITOR_TIME
 
{{!}}The maximum time (in minutes) between 2 Event  Monitor report parsing.
 
{{!}}10
 
{{!}}
 
{{!}}-
 
{{!}}ENVIRONMENT_TYPE
 
{{!}}The environment type. It can be dev, staging,  stage or prod.
 
{{!}}staging
 
{{!}}
 
{{!}}-
 
{{!}}AWS_REGION
 
{{!}}AWS region for the stack.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}AZURE_REGION
 
{{!}}Azure region for the stack.
 
{{!}}
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_CLOUD_PROVIDER
 
{{!}}TELEMETRY_CLOUD_PROVIDER
{{!}}The Cloud provider for the service. IT can be   aws, azure, gcp or premise.
+
{{!}}Cloud provider for the service. Can be `aws`, `azure`, `gcp` or `premise`.
 
{{!}}aws
 
{{!}}aws
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_SESSION_TIME
 
{{!}}The time of a telemetry session in minutes.
 
{{!}}4
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_AZURE_CONNECTION_STRING
 
{{!}}The Connection string to connect to Azure blob  storage.
 
{{!}}none
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_CONTRACTS
 
{{!}}TELEMETRY_CONFIG_CONTRACTS
{{!}}A Stringified JSON array to provision contracts   through env config provider.
+
{{!}}Stringified JSON array to provision contracts through `env` config provider.
{{!}}
+
{{!}}[]
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_CORS
 
{{!}}A Stringified JSON to provision cors through  env config provider.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_AUTH
 
{{!}}A Stringified JSON to provision auth through  env config provider.
 
{{!}}
 
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
 
{{!}}TELEMETRY_CONFIG_TENANTS
 
{{!}}TELEMETRY_CONFIG_TENANTS
{{!}}A Stringified JSON to provision tenants through   env config provider.
+
{{!}}A Stringified JSON to provision tenants through `env` config provider.
 +
{{!}}{}
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
{{!}}serviceMonitor.enabled
+
{{!}}TELEMETRY_SERVICES_ENVIRONMENT
{{!}}Activation of service monitor
+
{{!}}The URL of the GWS environment service API. Used only if environment service is used for configuration provisioning.
{{!}}true
+
{{!}}value of TELEMETRY_SERVICES_AUTH
{{!}}
+
{{!}}http://gauth-environment-active.gauth
{{!}}-
 
{{!}}podDisruptionBudget.enabled
 
{{!}}Activation of pod disruption
 
{{!}}true
 
{{!}}
 
 
{{!}}}
 
{{!}}}
 
 
You can modify the configuration to suit your environment by two methods:
 
 
*Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,
 
*:<pre>helm install telemetry-service.tgz --set tlm.replicaCount 4</pre>
 
 
*Specify the parameters to be modified in a '''values.yaml''' file.
 
*:<pre>helm install --name tlm -f values.yaml telemetry-service.tgz</pre>
 
 
|Status=No
 
|Status=No
}}{{Section
 
|sectionHeading=Configure Kubernetes
 
|alignment=Vertical
 
|structuredtext=<div style="background-color: aliceblue; font-style: italic;">Document the layouts for the following so customers can create them if their Helm chart doesn't include a way to do this:
 
 
*ConfigMaps
 
*Secrets
 
</div>NA
 
|Status=Yes
 
}}{{Section
 
|sectionHeading=Configure security
 
|alignment=Vertical
 
|structuredtext=<div style="background-color: aliceblue; font-style: italic;">List security-related settings, such as how to set up credentials and certificates for third-party services.</div>NA
 
<br />
 
|Status=Yes
 
 
}}{{Section
 
}}{{Section
 
|sectionHeading=Prepare an environment
 
|sectionHeading=Prepare an environment
Line 429: Line 315:
 
}}
 
}}
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
}}
 
 
}}
 
}}

Latest revision as of 08:32, February 28, 2023

This topic is part of the manual Telemetry Service Private Edition Guide for version Current of Telemetry Service.

Learn how to configure Telemetry Service.

Configure a secret to access JFrog

If you haven't done so already, create a secret for accessing the JFrog registry:
kubectl create secret docker-registry <credential-name> --docker-server=<docker repo> --docker-username=<username> --docker-password=<password> --docker-email=<emailid>
Now map the secret to the default service account:
kubectl secrets link default <credential-name> --for=pull

Override Helm chart values

Parameter Description Default Valid values
serviceMonitoringAnnotations.enabled Activation of Prometheus monitoring annotations on service. true
podDisruptionBudget.enabled Activation of pod disruption. true
enableServiceLinks Enable service links in single namespace environment. false
tlm.replicaCount Number of replicas. 2
tlm.image.registry docker registry. pureengage-docker-staging.jfrog.io
tlm.image.repository docker registry. Telemetry
tlm.image.tag WWE image version.
tlm.image.pullPolicy Image pull policy. IfNotPresent
tlm.image.imagePullSecrets Image pull secrets. []
tlm.service.type k8s service type. ClusterIP
tlm.service.port_external k8s service port external (for customer facing). 8107
tlm.service.port_internal k8s service port internal (for metric scrapping endpoint). 9107
tlm.ingress Ingress configuration block. See #Ingress. {enabled:false}
tlm.resources.limits.cpu Maximum amount of CPU K8s allocates for container. 750m
tlm.resources.limits.memory Maximum amount of Memory K8s allocates for container. 1400Mi
tlm.resources.requests.cpu Guaranteed CPU allocation for container. 750m
tlm.resources.requests.memory Guaranteed Memory allocation for container. 1400Mi
tlm.deployment.strategy k8s deployment strategy. {}
tlm.priorityClassName k8s priority classname.
tlm.affinity pod affinity. {}
tlm.nodeselector k8s nodeselector map. { genesysengage.com/nodepool: general }
tlm.tolerations pod toleration. []
tlm.annotations pod annotations. []
tlm.autoscaling.enabled activate auto scaling. true
tlm.autoscaling.targetCPUPercent CPU percentage autoscaling trigger. 40
tlm.autoscaling.minReplicas Minimum number of replicas. 2
tlm.autoscaling.maxReplicas Maximum number of replicas. 10
tlm.secrets.name_override Name override of the secret to target.
tlm.secrets.TELEMETRY_AUTH_CLIENT_SECRET GAuth client Secret value.
tlm.context.envs.* Environment variables for Telemetry Service. Please refer to TLM service documentation.

You can modify the configuration to suit your environment by two methods:

  • Specify each parameter using the --set key=value[,key=value] argument to helm install. For example, 
    helm install telemetry-service.tgz --set tlm.replicaCount 4
  • Specify the parameters to be modified in a values.yaml file. 
    helm install --name tlm -f values.yaml telemetry-service.tgz

Configure security

To learn more about how security is configured for private edition, be sure to read the Permissions and OpenShift security settings topics in the Setting up Genesys Multicloud CX Private Edition guide.

The security context settings define the privilege and access control settings for pods and containers.

By default, the user and group IDs are set in the values.yaml file as 500:500:500, meaning the genesys user.
optional:
  securityContext:
    runAsUser: 500
    runAsGroup: 500
    fsGroup: 500
    runAsNonRoot: true

Environment variables


Parameter Description Default Valid values
tlm.context.envs.TELEMETRY_AUTH_CLIENT_ID GAuth client ID value. telemetry_client
tlm.context.envs.TELEMETRY_CLOUD_PROVIDER Specify the mode how telemetry service should be executed: Possible values aws / azure .
TELEMETRY_SERVICES_AUTH URL of the GWS Auth public API. This is a mandatory field. http://gws-core-auth:8095
TELEMETRY_AUTH_CLIENT_ID The Client ID that is used to authenticate with GWS Auth service. telemetry_client
TELEMETRY_CORS_DOMAIN Domains to be supported by CORS. This can a comma separated list.
Important
Add a `\` before `.` for regex matching. eg: `\.genesyslab\.com` (another `\` should be added when using quotes).
TELEMETRY_TRACES_PROVIDER The trace provider to use can be `ElasticSearch` or `Console`. ElasticSearch
TELEMETRY_TRACES_CONCURRENT The maximum of parallel bulk request to Elasticsearch at the same time. 3
TELEMETRY_TRACES_THRESHOLD The maximum buffer entries for Elasticsearch service. 400000
TELEMETRY_CONFIG_SERVICE The data source to fetch configuration information. Possible values : s3, azure, env, or an empty string. none
TELEMETRY_CONFIG_SERVICE_CORS This overrides data source to fetch CORS configurations. Possible values : Same value as `TELEMETRY_CONFIG_SERVICE` or `environmentservice` for using the environment-service API (Uses the `TELEMETRY_SERVICES_ENVIRONMENT` variable). none
TELEMETRY_CLOUD_PROVIDER Cloud provider for the service. Can be `aws`, `azure`, `gcp` or `premise`. aws
TELEMETRY_CONFIG_CONTRACTS Stringified JSON array to provision contracts through `env` config provider. []
TELEMETRY_CONFIG_TENANTS A Stringified JSON to provision tenants through `env` config provider. {}
TELEMETRY_SERVICES_ENVIRONMENT The URL of the GWS environment service API. Used only if environment service is used for configuration provisioning. value of TELEMETRY_SERVICES_AUTH http://gauth-environment-active.gauth

Prepare an environment

Create a new project namespace for Telemetry: 

kubectl create namespace tlm

See Creating namespaces for a list of approved namespaces.

Download the telemetry helm charts from the JFrog repository: 

https://pureengage.jfrog.io/artifactory/helm-staging/tlm

Create a values-telemetry.yaml file and update the following parameters: 

TELEMETRY_AUTH_CLIENT_SECRET: <CLIENT_SECRET GENEREATED FROM GAUTH>
TELEMETRY_AUTH_CLIENT_ID: <CLIENT_ID GENEREATED FROM GAUTH>
TELEMETRY_SERVICES_AUTH: "<GAUTH URL>"
TELEMETRY_CLOUD_PROVIDER: "GKE"
TELEMETRY_CORS_DOMAIN: "<domain for which cors has been enabled>"
grafanaDashboard:
  enabled: true

Copy the values-telemetry.yaml file and the tlm Helm package to the installation location.

Retrieved from "https://all.docs.genesys.com/TLM/Current/TLMPEGuide/Configure (2024-10-06 22:55:38)"
Comments or questions about this documentation? Contact us for support!