Difference between revisions of "PEC-REP/Current/GCXIPEGuide/Configure"

From Genesys Documentation
Jump to: navigation, search
(Published)
 
 
(3 intermediate revisions by 2 users not shown)
Line 7: Line 7:
 
|sectionHeading=Override Helm chart values
 
|sectionHeading=Override Helm chart values
 
|alignment=Vertical
 
|alignment=Vertical
|structuredtext=Before you begin, download the latest yaml files from the repository, or examine the attached files: {{Repository|GCXIyamlExamples.zip|| Sample GCXI yaml files}}. Helm values are described in '''values.yaml'''. See the comments accompanying each Helm value.
+
|structuredtext=Before you begin, download the latest yaml files from the repository, or examine the attached files: {{Repository|GCXIYaml.zip|| Sample GCXI yaml files }}. Helm values are described in '''values.yaml'''. See the comments accompanying each Helm value.
  
 
You can override values in the Helm charts to configure Private Edition. For more information, see the "suite-level" documentation about how to override Helm chart values: {{SuiteLevelLink|helmoverride}}.
 
You can override values in the Helm charts to configure Private Edition. For more information, see the "suite-level" documentation about how to override Helm chart values: {{SuiteLevelLink|helmoverride}}.
Line 83: Line 83:
 
|alignment=Vertical
 
|alignment=Vertical
 
|structuredtext=GCXI is based on a 3rd-party product (MicroStrategy), and as result has some special considerations:
 
|structuredtext=GCXI is based on a 3rd-party product (MicroStrategy), and as result has some special considerations:
 +
{{AnchorDiv|hostIPC}}
  
 
*The main container is about 12 GB.
 
*The main container is about 12 GB.
*The Openshift-specific <nowiki>''</nowiki>arbitrary user id<nowiki>''</nowiki> requirement cannot be satisfied. GCXI requires anyuid SCC.
+
*Genesys recommends that you enable hostIPC. However, hostIPC is disabled by default and in some deployments, GCXI can operate successfully without it.
*GCXI requires specific hostIPC configuration on the nodes:
+
*#Enable hostIPC by setting:
*:<source lang="bash">echo "kernel.sem = 250 1024000 250 4096" >> /etc/sysctl.conf
+
*#:<source lang="bash">hostIPC: true</source>
 +
*#Configure hostIPC at the node level as follows:
 +
*#:<source lang="bash">echo "kernel.sem = 250 1024000 250 4096" >> /etc/sysctl.conf
 
echo "vm.max_map_count = 5242880" >> /etc/sysctl.conf
 
echo "vm.max_map_count = 5242880" >> /etc/sysctl.conf
 
sysctl -p</source>
 
sysctl -p</source>
*In most deployments, GCXI requires that hostIPC be set:
+
 
*:<source lang="bash">hostIPC: true</source>
+
===Arbitrary UID===
 +
 
 +
*The deployment routine assigns an arbitrary user ID (UID) and group ID to pods during deployment. Default file ownership is '''genesys:root (500:0)'''.
 +
*If your OpenShift deployment uses arbitrary UIDs, you must override the securityContext settings in the '''values.yaml''' file (see line 456) as follows:
 +
*:<source lang="text">secrets:
 +
podSecurityContext:
 +
  fsGroup: null
 +
  runAsUser: null
 +
  runAsGroup: 0
 +
  runAsNonRoot: true
 +
 
 +
securityContext:
 +
  fsGroup: null
 +
  runAsUser: null
 +
  runAsGroup: 0
 +
  runAsNonRoot: true</source>
 +
*:The default values (user ID = 500) are suitable for many other deployment scenarios:
 +
*:<source lang="text">secrets:
 +
  securityContext:
 +
    control:
 +
      fsGroup: null
 +
      runAsUser: 500
 +
      runAsGroup: 500
 +
    worker:
 +
      fsGroup: null
 +
      runAsUser: 500
 +
      runAsGroup: 500</source>
 
|Status=No
 
|Status=No
 
}}
 
}}
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
 
}}
 
}}

Latest revision as of 17:30, April 8, 2022

This topic is part of the manual Genesys Customer Experience Insights Private Edition Guide for version Current of Reporting.

Learn how to configure Genesys Customer Experience Insights (GCXI).

Override Helm chart values

Before you begin, download the latest yaml files from the repository, or examine the attached files: Sample GCXI yaml files . Helm values are described in values.yaml. See the comments accompanying each Helm value.

You can override values in the Helm charts to configure Private Edition. For more information, see the "suite-level" documentation about how to override Helm chart values: Overriding Helm chart values.

Configure Kubernetes

This section provides information about Kubernetes configuration.

ConfigMaps

Configuration information is stored in ConfigMap.

See the gcxi-worker-statefulset.yaml file: 

envFrom:
        - configMapRef:
            name: gcxi-config{{ template "deploymentCode" . }}
            optional: true
        - configMapRef:
            name: gcxi-config-ext{{ template "deploymentCode" . }}
            optional: true
        {{- range $cm := .Values.gcxi.configMaps }}
        - configMapRef:
            name: {{ tpl $cm.name $ }}
            optional: true

Secrets

GCXI supports the following methods of secret injection:

  • CSI driver
  • Kubernetes secrets
  • Environment Variables

See the values.yaml file: 

secrets:
  - name: gcxi-secret-pg

See the gcxi-worker-statefulset.yaml file: 

- name: gcxi-var
        projected:
          sources:
          - secret:
              name: gcxi-secret{{ template "deploymentCode" . }}
              optional: true
          - secret:
              name: gcxi-secret-ext{{ template "deploymentCode" . }}
              optional: true
          {{- range $secret := .Values.gcxi.secrets }}
          - secret:
              name: {{ tpl $secret.name $ }}
              {{- with $secret.items }}
              items:
              {{- range $item := $secret.items }}
              - key: {{ tpl $item.key $ }}
                path: {{ tpl $item.path $ }}
              {{- end }}
              {{- end }}
              optional: true
          {{- end }}

Configure security

GCXI is based on a 3rd-party product (MicroStrategy), and as result has some special considerations:


  • The main container is about 12 GB.
  • Genesys recommends that you enable hostIPC. However, hostIPC is disabled by default and in some deployments, GCXI can operate successfully without it.
    1. Enable hostIPC by setting: 
      hostIPC: true
    2. Configure hostIPC at the node level as follows: 
      echo "kernel.sem = 250 1024000 250 4096" >> /etc/sysctl.conf
echo "vm.max_map_count = 5242880" >> /etc/sysctl.conf
sysctl -p

Arbitrary UID

  • The deployment routine assigns an arbitrary user ID (UID) and group ID to pods during deployment. Default file ownership is genesys:root (500:0).
  • If your OpenShift deployment uses arbitrary UIDs, you must override the securityContext settings in the values.yaml file (see line 456) as follows: 
    secrets:
 podSecurityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true

 securityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true
    The default values (user ID = 500) are suitable for many other deployment scenarios:
    secrets:
  securityContext:
    control:
      fsGroup: null
      runAsUser: 500
      runAsGroup: 500
    worker:
      fsGroup: null
      runAsUser: 500
      runAsGroup: 500
Retrieved from "https://all.docs.genesys.com/PEC-REP/Current/GCXIPEGuide/Configure (2025-06-20 18:40:14)"
Comments or questions about this documentation? Contact us for support!