Difference between revisions of "PEC-REP/Current/GIMPEGuide/ConfigureGCA"

From Genesys Documentation
Jump to: navigation, search
(Published)
m (Text replacement - "Genesys Engage [cC]loud" to "Genesys Multicloud CX")
Line 9: Line 9:
 
|structuredtext=Download the gca and gca-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the '''values.yaml''' file to provide deployment-specific values for certain parameters.
 
|structuredtext=Download the gca and gca-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the '''values.yaml''' file to provide deployment-specific values for certain parameters.
  
For general information about overriding Helm chart values, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Engage Cloud Private Edition Guide}}''.
+
For general information about overriding Helm chart values, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Multicloud CX Private Edition Guide}}''.
  
 
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the GCA '''values.yaml''' file, so that no user or group IDs are specified. For details, see [[{{FULLPAGENAME}}#Security|Configure security]], below.
 
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the GCA '''values.yaml''' file, so that no user or group IDs are specified. For details, see [[{{FULLPAGENAME}}#Security|Configure security]], below.

Revision as of 20:28, November 9, 2021

This topic is part of the manual Genesys Info Mart Private Edition Guide for version Current of Reporting.

Learn how to configure GIM Config Adapter (GCA).

Override Helm chart values

Download the gca and gca-monitor Helm charts from JFrog using your credentials. You must override certain parameters in the values.yaml file to provide deployment-specific values for certain parameters.

For general information about overriding Helm chart values, see Overriding Helm chart values in the Genesys Multicloud CX Private Edition Guide.

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GCA values.yaml file, so that no user or group IDs are specified. For details, see Configure security, below.

At a minimum, you must override the following key entries in the GCA values.yaml file:

  • tag - the container image version
  • tenant_id - the TenantID of the tenant in use
  • tenant_uuid - the TenantUUID that matches the TenantID.
  • cfgdb - the tenant configuration database
  • bootstrap - the Kafka address to align with the infrastructure Kafka
  • NODE_EXTRA_CA_CERTS - points to the self-signed OpenShift service CA. This is the default path.
  • s3 - the applicable s3 details defined with the OBC for GSP (see Get S3 data).

The GCA values.yaml file

The following sample GCA values.yaml file, which may not be completely up to date, shows the key parameter values you must override. 

log_level: INFO
tenant_id: shared
tenant_uuid: 9350e2fc-a1dd-4c65-8d40-1f75a2e080dd
image:
  registry: pureengage-docker-staging.jfrog.io
  repository: gim/gca
  pullPolicy: IfNotPresent
  tag: <image-version>
imagePullSecrets:
  pureengage-docker-dev: {}
  pureengage-docker-staging: {}
  jfrog-stage-credentials: {}
  
cfgdb:
  name: '<tenant-db-name>'
  engine: postgre
  port: 5432
  host: 'postgres-rw.infra.svc.cluster.local'
  username: '<db-user>'
  password: '<db-password>'
kafka:
  bootstrap: 'infra-kafka-cp-kafka.infra.svc.cluster.local:9092'
  security:
    protocol: plaintext
  sasl:
    mechanism: PLAIN
extraEnv: |
  - name: SNAPSHOT_STORAGE_PATH
    value: "/tmp"
  - name: NODE_EXTRA_CA_CERTS
    value: "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
#extraVolumeMounts: ''
volumes: |
  - name: kafka-secrets
    secret:
      secretName: {{.Release.Name}}-kafka-secrets
  - name: cfg-db-secrets
    secret:
      secretName: {{.Release.Name}}-cfgdb-secrets
  - name: storage-account-secrets
    secret:
       secretName: {{ .Release.Name }}-storage-secret
ssl_db_connection: false
dnsConfig:
  options:
  - name: ndots
    value: '3'
csi_enabled: false
tolerations: []
resources:
  requests:
    memory: 64Mi
    cpu: '0.01'
  limits:
    memory: 4000Mi
    cpu: '1'
storage:
  wasb:
    url: ''
    account_name: ''
    access_key: ''
  s3:
    bucket: '<bucket-name>'
    gcaSnapshots: '/gca'
    accessKey: '<access-key>'
    secretKey: '<secret-key>'
    useSSL: true
    endPoint: '<bucket-host>'
    port: <bucket-port>

Configure Kubernetes

Content coming soon

Configure security

The security context settings define the privilege and access control settings for pods and containers.

By default, the user and group IDs are set in the GCA values.yaml file as 500:500:500, meaning the genesys user. 

securityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 500

containerSecurityContext: {}

Arbitrary UIDs in OpenShift

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GCA values.yaml file, so that you do not define any specific IDs. 

securityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0
  fsGroup: null

containerSecurityContext: {}
Retrieved from "https://all.docs.genesys.com/PEC-REP/Current/GIMPEGuide/ConfigureGCA (2025-07-21 23:29:41)"
Comments or questions about this documentation? Contact us for support!