Difference between revisions of "PEC-REP/Current/GIMPEGuide/ConfigureGCA"

From Genesys Documentation
Jump to: navigation, search
 
(3 intermediate revisions by the same user not shown)
Line 6: Line 6:
 
|Section={{Section
 
|Section={{Section
 
|sectionHeading=GCA Helm chart overrides
 
|sectionHeading=GCA Helm chart overrides
 +
|anchor=GCA_HelmOverrides
 
|alignment=Vertical
 
|alignment=Vertical
 
|structuredtext=The GCA requires some configuration for deployment that must be done by modifying the GCA's default Helm chart. You do this by creating override entries in the GCA's '''values.yaml''' file.
 
|structuredtext=The GCA requires some configuration for deployment that must be done by modifying the GCA's default Helm chart. You do this by creating override entries in the GCA's '''values.yaml''' file.
  
Download the '''gca''' and '''gca-monitoring''' Helm charts from the JFrog registry, using the appropriate credentials.
+
Download the '''gca''' and '''gca-monitoring''' Helm charts from your image registry, using the appropriate credentials.
  
 
For information about how to download the Helm charts, see {{SuiteLevelLink|helmchart}}. To find the correct Helm chart version for your release, see {{Link-AnywhereElse|product=ReleaseNotes|version=Current|manual=GenesysEngage-cloud|topic=GIMHelm}}. For general information about Helm chart overrides, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Multicloud CX Private Edition Guide}}''.
 
For information about how to download the Helm charts, see {{SuiteLevelLink|helmchart}}. To find the correct Helm chart version for your release, see {{Link-AnywhereElse|product=ReleaseNotes|version=Current|manual=GenesysEngage-cloud|topic=GIMHelm}}. For general information about Helm chart overrides, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Multicloud CX Private Edition Guide}}''.
Line 28: Line 29:
 
The location of the Genesys JFrog image registry is defined when you set up the environment for the GSP. It is represented in the system as the <code>docker-registry</code>. In the GSP Helm chart, the repository is represented as <code>image: registry</code>, as shown below. You can optionally set a container version for the image.
 
The location of the Genesys JFrog image registry is defined when you set up the environment for the GSP. It is represented in the system as the <code>docker-registry</code>. In the GSP Helm chart, the repository is represented as <code>image: registry</code>, as shown below. You can optionally set a container version for the image.
  
*<code>image:</code>
+
<source lang="bash">
*:<code>registry</code> — ''the repository from which Kubernetes will pull images (''<code>pureengage-docker-staging.jfrog.io</code> ''by default)''
+
image: # The repository from which Kubernetes will pull images
*:<code>tag</code> — ''the container image version''
+
  registry: <your_container_registry> # The default registry is pureengage-docker-staging.jfrog.io
 +
  tag: <image_tag> # The container image tag/version
 +
</source>
  
 
{{AnchorDiv|GCA_PullSecret}}
 
{{AnchorDiv|GCA_PullSecret}}
Line 37: Line 40:
 
Each of the three Info Mart services (GIM, GSP, and GCA) must be configured with the pull secret. You do this '''values.yaml''' for the service.  
 
Each of the three Info Mart services (GIM, GSP, and GCA) must be configured with the pull secret. You do this '''values.yaml''' for the service.  
  
*<code>imagePullSecrets:</code>
+
<source lang="bash">
*:<code>docker-registry</code> — ''the credentials Kubernetes will use to pull the image from the registry''
+
imagePullSecrets:
 +
  docker-registry: {<pull-secret>} # The credentials Kubernetes will use to pull the image from the registry
 +
</source>
 +
 
  
 
Note that other services use a different syntax than this to configure the repository pull secret, as follows:
 
Note that other services use a different syntax than this to configure the repository pull secret, as follows:
 
+
<source lang="bash">
*<code>image:</code>
+
imagePullSecrets:
*:<code>imagePullSecrets:</code>
+
  name: docker-registry
*::<code>- name: docker-registry</code>
+
</source>
*::Genesys Info Mart, GIM Stream Processor, and GIM Configuration Adaptor helm charts all support advanced templating that allow the helm to create the pull secret automatically; hence the variation in syntax.
+
Genesys Info Mart, GIM Stream Processor, and GIM Configuration Adaptor helm charts all support advanced templating that allow the helm to create the pull secret automatically; hence the variation in syntax.
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section
Line 53: Line 59:
 
|structuredtext=The Tenant microservice provides direct access to the configuration server database. Configure a Helm override entry for the Tenant ID.
 
|structuredtext=The Tenant microservice provides direct access to the configuration server database. Configure a Helm override entry for the Tenant ID.
  
*<code>tenant_id</code> - ''the TenantID of the tenant in use''
+
<source lang="bash">
 +
tenant_id: <tenant-id> # The TenantID of the tenant in use
 +
</source>
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section
Line 63: Line 71:
 
The Kafka secret is necessary for GCA to access Kafka. The Kafka secret is provisioned in the system as <code>kafka-secrets</code> when you set up the environment for GCA. Configure the Kafka secret by creating a Helm chart override in the '''values.yaml''' file.
 
The Kafka secret is necessary for GCA to access Kafka. The Kafka secret is provisioned in the system as <code>kafka-secrets</code> when you set up the environment for GCA. Configure the Kafka secret by creating a Helm chart override in the '''values.yaml''' file.
  
*<code>kafka:</code>
+
<source lang="bash">
*:<code>password</code> - ''Credentials for accessing Kafka. This secret is created during deployment''
+
kafka:
 +
  password: <kafka-password> # Credentials for accessing Kafka. This secret is created during deployment.
 +
</source>
  
 
{{AnchorDiv|GCA_KafkaBootstrap}}
 
{{AnchorDiv|GCA_KafkaBootstrap}}
Line 70: Line 80:
 
To allow the Kafka service on GCA to align with the infrastructure Kafka service, make a Helm override entry with the location of the Kafka bootstrap.
 
To allow the Kafka service on GCA to align with the infrastructure Kafka service, make a Helm override entry with the location of the Kafka bootstrap.
  
*<code>kafka:</code>
+
<source lang="bash">
*:<code>bootstrap</code> — ''the Kafka address to align with the infrastructure Kafka''
+
kafka:
 +
  bootstrap: <kafka-bootstrap-location> # the Kafka address to align with the infrastructure Kafka
 +
</source>
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section
Line 77: Line 89:
 
|anchor=Storage
 
|anchor=Storage
 
|alignment=Vertical
 
|alignment=Vertical
|structuredtext=If you are using S3-compatible object storage on OpenShift or GCP to store the GCA snapshot, modify the following <code>storage: s3</code> entries in the '''values.yaml''' file:
+
|structuredtext=If you are using S3-compatible object storage on GCP to store the GCA snapshot, modify the following <code>storage: s3</code> entries in the '''values.yaml''' file:
  
*<tt>bucket</tt> — ''the bucket name''
 
*<tt>gcaSnapshots</tt> — ''the volume or folder in the bucket where the GCA snapshot is stored''
 
*<tt>accessKey</tt> — ''the access key created when you created the bucket''
 
*<tt>secretKey</tt> — ''the secret created when you created the bucket''
 
*<tt>endPoint</tt> — ''the bucket host''
 
 
====OpenShift example====
 
 
<source lang="bash">
 
<source lang="bash">
 
storage:
 
storage:
 
   ...
 
   ...
 
   s3:
 
   s3:
     bucket: "gim-3f7ac1ab-03b9-445b-ba12-137d4bbc3c38"
+
     bucket: <bucket-name> # The bucket name
     gcaSnapshots: "/gca"
+
     gcaSnapshots: <vol-name> # The volume or folder in the bucket where the GCA snapshot will be stored
     accessKey: "<Access Key>"
+
     accessKey: <s3-access-key> # The access key created when you created the bucket
     secretKey: "<Secret Key>"
+
     secretKey: <s3-secret> # The secret created when the bucket was provisioned
    useSSL: true
+
     endPoint: <host> # The bucket host
     endPoint: "s3.openshift-storage.svc"
+
</source>
    port: 443
 
    Insecure: true </source>
 
  
 
====GKE example====
 
====GKE example====
Line 111: Line 114:
 
     endPoint: "storage.googleapis.com"
 
     endPoint: "storage.googleapis.com"
 
     port: 443
 
     port: 443
     Insecure: true </source>
+
     Insecure: true  
 +
</source>
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section
Line 119: Line 123:
 
|structuredtext=Specify applicable details for the configuration database. The password you configure here is provisioned as <code>cfgdb-secrets</code> in the system.  
 
|structuredtext=Specify applicable details for the configuration database. The password you configure here is provisioned as <code>cfgdb-secrets</code> in the system.  
  
*<code>cfgdb</code> - ''the applicable details for the Configuration Database, created before you deployed the Tenant service''
+
<source lang="bash">
*:<code>name</code> - ''the name of the database''
+
cfgdb: # The applicable details for the Configuration Database, created before you deployed the Tenant service
*:<code>host</code> - ''the host on which the DBMS is running''
+
  name: <config-db-name> # The name of the database
*:<code>username</code> - ''the user account for GCA to access the database. The user account must have at least read permissions.''
+
  host: <dbms-host> # The host on which the DBMS is running
*:<code>password</code> - ''the password for the user account''
+
  username: <username> # The user account for GCA to access the database. The user account must have at least read permissions
 +
  password: <password> # The password for the user account
 +
</source>
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section
Line 130: Line 136:
 
|structuredtext=Specify the applicable details for the Info Mart database. The password you specify here is provisioned in the system as <code>gimdb-secrets</code>.
 
|structuredtext=Specify the applicable details for the Info Mart database. The password you specify here is provisioned in the system as <code>gimdb-secrets</code>.
  
*<code>gimdb</code> - ''the applicable details for the Info Mart database''
+
<source lang="bash">
*:<code>name</code> - ''the name of the database''
+
gimdb: # The applicable details for the Info Mart database
*:<code>host</code> - ''the host on which the DBMS is running''
+
  name: <gim-db-name> # The name of the database
*:<code>username</code> - ''the user account created when you created the GIM database''
+
  host: <dbms-host> # The host on which the DBMS is running
*:<code>password</code> - ''the password for the user account''
+
  username: <username> # The user account created when you created the GIM database
|Status=No
+
  password: <password> # The password for the user account
}}{{Section
+
</source>
|sectionHeading=Arbitrary UIDs (OpenShift)
 
|anchor=Security
 
|alignment=Vertical
 
|structuredtext=If you have an OpenShift deployment and you want to use arbitrary UIDs, you must modify the security context settings in the '''values.yaml''' file. The security context settings define the privilege and access control settings for pods and containers.
 
 
 
In the '''values.yaml''' file, the default user and group IDs in the <code>securityContext</code> object are set to <code>500:500:500</code> (the '''genesys''' user), as shown below.
 
securityContext:
 
  runAsNonRoot: true
 
  runAsUser: 500
 
  runAsGroup: 500
 
  fsGroup: 500
 
 
containerSecurityContext: {}
 
To use arbitrary UIDs in your OpenShift deployment, you replace these values with null values, as in the following example.
 
securityContext:
 
  runAsNonRoot: true
 
  runAsUser: null
 
  runAsGroup: 0
 
  fsGroup: null
 
 containerSecurityContext: {}
 
 
|Status=No
 
|Status=No
 
}}{{Section
 
}}{{Section

Latest revision as of 13:31, March 10, 2023

This topic is part of the manual Genesys Info Mart Private Edition Guide for version Current of Reporting.

Learn how to configure GIM Config Adapter (GCA).

GCA Helm chart overrides

The GCA requires some configuration for deployment that must be done by modifying the GCA's default Helm chart. You do this by creating override entries in the GCA's values.yaml file.

Download the gca and gca-monitoring Helm charts from your image registry, using the appropriate credentials.

For information about how to download the Helm charts, see Downloading your Genesys Multicloud CX containers. To find the correct Helm chart version for your release, see Helm charts and containers for Genesys Info Mart. For general information about Helm chart overrides, see Overriding Helm chart values in the Genesys Multicloud CX Private Edition Guide.

At minimum, you must create entries in the values.yaml file to specify key system information, as described in the following sections.

Important
Treat your modified values.yaml file as source code, which you are responsible to maintain so that your overrides are preserved and available for reuse when you upgrade.

Image registry and pull secret


Image registry

Create an entry in the GSP's values.yaml file to specify the location of the Genesys JFrog image registry. This is the repository from which Kubernetes will pull images.

The location of the Genesys JFrog image registry is defined when you set up the environment for the GSP. It is represented in the system as the docker-registry. In the GSP Helm chart, the repository is represented as image: registry, as shown below. You can optionally set a container version for the image. 

image: # The repository from which Kubernetes will pull images
  registry: <your_container_registry> # The default registry is pureengage-docker-staging.jfrog.io
  tag: <image_tag> # The container image tag/version

Pull secret

When you set up your environment, you provision a pull secret for Genesys JFrog image registry (docker-registry). Each service must supply the credentials for the repository in order for Kubernetes to be able to pull from the repository. Each of the three Info Mart services (GIM, GSP, and GCA) must be configured with the pull secret. You do this values.yaml for the service. 

imagePullSecrets:
  docker-registry: {<pull-secret>} # The credentials Kubernetes will use to pull the image from the registry


Note that other services use a different syntax than this to configure the repository pull secret, as follows: 

imagePullSecrets:
  name: docker-registry

Genesys Info Mart, GIM Stream Processor, and GIM Configuration Adaptor helm charts all support advanced templating that allow the helm to create the pull secret automatically; hence the variation in syntax.

Tenant ID

The Tenant microservice provides direct access to the configuration server database. Configure a Helm override entry for the Tenant ID. 

tenant_id: <tenant-id> # The TenantID of the tenant in use

Kafka

Kafka secret

The Kafka secret is necessary for GCA to access Kafka. The Kafka secret is provisioned in the system as kafka-secrets when you set up the environment for GCA. Configure the Kafka secret by creating a Helm chart override in the values.yaml file. 

kafka:
  password: <kafka-password> # Credentials for accessing Kafka. This secret is created during deployment.

Kafka bootstrap

To allow the Kafka service on GCA to align with the infrastructure Kafka service, make a Helm override entry with the location of the Kafka bootstrap. 

kafka:
  bootstrap: <kafka-bootstrap-location> # the Kafka address to align with the infrastructure Kafka

S3-compatible storage

If you are using S3-compatible object storage on GCP to store the GCA snapshot, modify the following storage: s3 entries in the values.yaml file: 

storage:
  ...
  s3:
    bucket: <bucket-name> # The bucket name
    gcaSnapshots: <vol-name> # The volume or folder in the bucket where the GCA snapshot will be stored
    accessKey: <s3-access-key> # The access key created when you created the bucket
    secretKey: <s3-secret> # The secret created when the bucket was provisioned
    endPoint: <host> # The bucket host

GKE example

storage:
  ...
  s3:
    bucket: "test-example-bucket-one"
    gcaSnapshots: "/gca"
    accessKey: "<Access Key>"
    secretKey: "<Secret Key>"
    useSSL: true
    endPoint: "storage.googleapis.com"
    port: 443
    Insecure: true

Configuration database

Specify applicable details for the configuration database. The password you configure here is provisioned as cfgdb-secrets in the system. 

cfgdb: # The applicable details for the Configuration Database, created before you deployed the Tenant service
  name: <config-db-name> # The name of the database
  host: <dbms-host> # The host on which the DBMS is running
  username: <username> # The user account for GCA to access the database. The user account must have at least read permissions
  password: <password> # The password for the user account

GIM database

Specify the applicable details for the Info Mart database. The password you specify here is provisioned in the system as gimdb-secrets. 

gimdb: # The applicable details for the Info Mart database
  name: <gim-db-name> # The name of the database
  host: <dbms-host> # The host on which the DBMS is running
  username: <username> # The user account created when you created the GIM database
  password: <password> # The password for the user account

Config Maps

There are no Config Maps for GCA you can configure directly.

Retrieved from "https://all.docs.genesys.com/PEC-REP/Current/GIMPEGuide/ConfigureGCA (2025-07-21 23:36:47)"
Comments or questions about this documentation? Contact us for support!