Difference between revisions of "PEC-REP/Current/PulsePEGuide/Provision"

Revision as of 18:46, September 7, 2022

This topic is part of the manual Genesys Pulse Private Edition Guide for version Current of Reporting.

Prerequisites

Before performing the steps described on this page, complete the Before you begin instructions, and ensure that you have the following information:

Versions:
- <image-version> = 100.0.000.0015
- <chart-versions>= 100.0.000+0015
K8S namespace pulse
Project Name pulse
Postgres credentials:
- <db-host>
- <db-port>
- <db-name>
- <db-user>
- <db-user-password>
- <db-ssl-mode>
Docker credentials:
- <docker-registry>
- <docker-registry-secret-name>
Redis credentials:
- <redis-host>
- <redis-port>
- <redis-password>
- <redis-enable-ssl>
Tenant service variables:
- <tenant-uuid>
- <tenant-sid>
- <tenant-name>
- <tenant-dcu>
GAuth/GWS service variables:
- <gauth-url-external>
- <gauth-url-internal>
- <gauth-client-id>
- <gauth-client-secret>
- <gws-url-external>
- <gws-url-internal>
Storage class:
- <pv-storage-class-rw-many>
- <pv-storage-class-rw-once>
Pulse:
- <pulse-host>

Single namespace

Single namespace deployments have a software-defined networking (SDN) with multitenant mode, where namespaces are network isolated. If you plan to deploy Pulse into the single namespace (OpenShift SDN Multi-tenant mode where namespaces are network isolated), ensure that your environment meets the following requirements for inputs:

Back-end services deployed into the single namespace must include the string pulse:
- <db-host>
- <db-name>
- <redis-host>
The hostname used for Ingress must be unique, and must include the string pulse:
- <pulse-host>
Internal service-to-service traffic must use the service endpoints, rather than the Ingress Controller:
- <gauth-url-internal>
- <gws-url-internal></source>

Tenant provisioning

Install init tenant chart

Get the init-tenant helm chart:

helm repo update
helm search repo <pulsehelmrepo>/init-tenant

Prepare the override file:

Update the values-override-init-tenant.yaml file (AKS):

# Default values for init-tenant.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Images
# Replace for your values: registry and secret
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
configurator:
  enabled: true
  # set service domain used to access voice service
  # example for GKE VPC case: voice.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  voiceDomain: "voice.svc.<domain>"
  # set service domain used to access ixn service
  # example for GKE VPC case: ixn.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  ixnDomain: "ixn.svc.<domain>"
  # set service domain used to access pulse service
  # example for GKE VPC case: pulse.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  pulseDomain: "pulse.svc.<domain>"
  # set configration server password, used when create secrets
  cfgUser: "default"
  # set configration server user, used when create secrets
  cfgPassword: "password"
  # common log configuration
  cfgHost: "tenant-9350e2fc-a1dd-4c65-8d40-1f75a2e080dd.voice.svc.<domain>"
 
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: none
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-init-tenant-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Tenant info
# Replace for your values
tenant:
  # Tenant UUID
  id: <tenant-uuid>
  # Tenant SID (like 0001)
  sid: <tenant-sid>
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext: {}
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: 256Mi
    cpu: 200m
  requests:
    memory: 128Mi
    cpu: 100m
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
# * Templates
templates:
  - Agent_Group_Status.gpb
  - Agent_KPIs.gpb
  - Agent_Login.gpb
  - Alert_Widget.gpb
  - Callback_Activity.gpb
  - Campaign_Activity.gpb
  - Campaign_Callback_Status.gpb
  - Campaign_Group_Activity.gpb
  - Campaign_Group_Status.gpb
  - Chat_Agent_Activity.gpb
  - Chat_Queue_Activity.gpb
  - Chat_Service_Level_Performance.gpb
  - Chat_Waiting_Statistics.gpb
  - Email_Agent_Activity.gpb
  - Email_Queue_Activity.gpb
  - Facebook_Media_Activity.gpb
  - IFRAME.gpb
  - IWD_Agent_Activity.gpb
  - IWD_Queue_Activity.gpb
  - Queue_KPIs.gpb
  - Queue_Overflow_Reason.gpb
  - Static_Text.gpb
  - Twitter_Media_Activity.gpb
  - eServices_Agent_Activity.gpb
  - eServices_Queue_KPIs.gpb

Update the values-override-init-tenant.yaml file (GKE):
Important
Enable configurator only for configurations in GKE with VPC scoped DNS, or OpenShift with single namespace.

# Default values for init-tenant.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Images
# Replace for your values: registry and secret
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
configurator:
  enabled: true
  # set service domain used to access voice service
  # example for GKE VPC case: voice.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  voiceDomain: "voice.svc.<domain>"
  # set service domain used to access ixn service
  # example for GKE VPC case: ixn.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  ixnDomain: "ixn.svc.<domain>"
  # set service domain used to access pulse service
  # example for GKE VPC case: pulse.svc.gke1-uswest1.gcpe002.gencpe.com
  # example for OpenShift single namespace: genesys.svc.cluster.local.
  pulseDomain: "pulse.svc.<domain>"
  # set configration server password, used when create secrets
  cfgUser: "default"
  # set configration server user, used when create secrets
  cfgPassword: "password"
  # common log configuration
  cfgHost: "tenant-<tenant-uuid>.voice.svc.<domain>"
 
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: none
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-init-tenant-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: nfs-client
 
# * Tenant info
# Replace for your values
tenant:
  # Tenant UUID
  id: <tenant-uuid>
  # Tenant SID (like 0001)
  sid: <tenant-sid>
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: 256Mi
    cpu: 200m
  requests:
    memory: 128Mi
    cpu: 100m
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
# * Templates
templates:
  - Agent_Group_Status.gpb
  - Agent_KPIs.gpb
  - Agent_Login.gpb
  - Alert_Widget.gpb
  - Callback_Activity.gpb
  - Campaign_Activity.gpb
  - Campaign_Callback_Status.gpb
  - Campaign_Group_Activity.gpb
  - Campaign_Group_Status.gpb
  - Chat_Agent_Activity.gpb
  - Chat_Queue_Activity.gpb
  - Chat_Service_Level_Performance.gpb
  - Chat_Waiting_Statistics.gpb
  - Email_Agent_Activity.gpb
  - Email_Queue_Activity.gpb
  - Facebook_Media_Activity.gpb
  - IFRAME.gpb
  - IWD_Agent_Activity.gpb
  - IWD_Queue_Activity.gpb
  - Queue_KPIs.gpb
  - Queue_Overflow_Reason.gpb
  - Static_Text.gpb
  - Twitter_Media_Activity.gpb
  - eServices_Agent_Activity.gpb
  - eServices_Queue_KPIs.gpb

Update the values-override-init-tenant.yaml file (OpenShift):

# Default values for init-tenant.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Images
# Replace for your values: registry and secret
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
# * Tenant info
# Replace for your values
tenant:
  # Tenant UUID
  id: <tenant-uuid>
  # Tenant SID (like 0001)
  sid: <tenant-sid>
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: 256Mi
    cpu: 200m
  requests:
    memory: 128Mi
    cpu: 100m
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
# * Templates
templates:
  - Agent_Group_Status.gpb
  - Agent_KPIs.gpb
  - Agent_Login.gpb
  - Alert_Widget.gpb
  - Callback_Activity.gpb
  - Campaign_Activity.gpb
  - Campaign_Callback_Status.gpb
  - Campaign_Group_Activity.gpb
  - Campaign_Group_Status.gpb
  - Chat_Agent_Activity.gpb
  - Chat_Queue_Activity.gpb
  - Chat_Service_Level_Performance.gpb
  - Chat_Waiting_Statistics.gpb
  - Email_Agent_Activity.gpb
  - Email_Queue_Activity.gpb
  - Facebook_Media_Activity.gpb
  - IFRAME.gpb
  - IWD_Agent_Activity.gpb
  - IWD_Queue_Activity.gpb
  - Queue_KPIs.gpb
  - Queue_Overflow_Reason.gpb
  - Static_Text.gpb
  - Twitter_Media_Activity.gpb
  - eServices_Agent_Activity.gpb
  - eServices_Queue_KPIs.gpb

Install the init-tenant helm chart:
To install the init-tenant helm chart, run the following command:

helm upgrade --install "pulse-init-tenant-<tenant-sid>" pulsehelmrepo/init-tenant --wait --wait-for-jobs --version="<chart-version>"--namespace=pulse -f values-override-init-tenant.yaml

If installation is successful, the exit code 0 appears.

Validate the init-tenant helm chart:
To validate the init-tenant helm chart, run the following command:

kubectl get pods -n="pulse" -l "app.kubernetes.io/name=init-tenant,app.kubernetes.io/instance=pulse-init-tenant-<tenant-sid>"

If the deployment was successful, the pulse-init-tenant job is listed as Completed/. For example:

NAME                                     READY   STATUS      RESTARTS   AGE
pulse-init-tenant-100-job-qszgl          0/1     Completed   0          2d20h

Install dcu helm chart

Get the dcu helm chart:

helm repo update
helm search repo <pulsehelmrepo>/dcu

Prepare the override file:

Update the values-override-dcu.yaml file (AKS):

# Default values for dcu.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: "<tenant-dcu>"
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-dcu-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Config info
# Set your values.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  mountSecrets: false
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
# * Image
# container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext: {}
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
   
 
##########################################################################
 
# * Configuration for the Collector container
collector:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "200m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "8000m"
  # securityContext: {}
 
# * Configuration for the StatServer container
statserver:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "100m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext: {}
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # disabled: true
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext: {}
 
##########################################################################
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext: {}
 
# volumeClaims contains persistent volume claims for services
# All available storage classes can be found here:
# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
volumeClaims:
  # statserverBackup is storage for statserver backup data
  statserverBackup:
    name: statserver-backup
    accessModes:
      - ReadWriteOnce
    # capacity is storage capacity
    capacity: "1Gi"
    # class is storage class. Must be set explicitly.
    class: <pv-storage-class-rw-once>

Update the values-override-dcu.yaml file (GKE):

# Default values for dcu.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: "<tenant-dcu>"
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-dcu-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Config info
# Set your values.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  mountSecrets: false
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
# * Image
# container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 0
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
   
 
##########################################################################
 
# * Configuration for the Collector container
collector:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "200m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "8000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the StatServer container
statserver:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "100m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # disabled: true
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
##########################################################################
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# volumeClaims contains persistent volume claims for services
# All available storage classes can be found here:
# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
volumeClaims:
  # statserverBackup is storage for statserver backup data
  statserverBackup:
    name: statserver-backup
    accessModes:
      - ReadWriteOnce
    # capacity is storage capacity
    capacity: "1Gi"
    # class is storage class. Must be set explicitly.
    class: <pv-storage-class-rw-once>

Update the values-override-dcu.yaml file (OpenShift):

# Default values for dcu.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: "<tenant-dcu>"
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-dcu-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Config info
# Set your values.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  mountSecrets: false
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
# * Image
# container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 0
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  # not needed since 100.0.000.0015
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
  # additional annotations required for monitoring Service
  # you can reference values of other variables as {{.Values.variable.full.name}}
  # available since 100.0.000.0015
  serviceAnnotations: {}    
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
 
##########################################################################
 
# * Configuration for the Collector container
collector:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "200m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "8000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the StatServer container
statserver:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "300Mi"
      # minimal CPU to reserve
      cpu: "100m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # disabled: true
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
##########################################################################
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# volumeClaims contains persistent volume claims for services
# All available storage classes can be found here:
# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
volumeClaims:
  # statserverBackup is storage for statserver backup data
  statserverBackup:
    name: statserver-backup
    accessModes:
      - ReadWriteOnce
    # capacity is storage capacity
    capacity: "1Gi"
    # class is storage class. Must be set explicitly.
    class: <pv-storage-class-rw-once>

Install the dcu helm chart
To install the dcu helm chart, run the following command:

helm upgrade --install "pulse-dcu-<tenant-sid>"  pulsehelmrepo/dcu --wait --reuse-values --version=<chart-version> --namespace=pulse -f values-override-dcu.yaml

Validate the dcu helm chart
To validate the dcu helm chart, run the following command:

kubectl get pods -n=pulse -l "app.kubernetes.io/name=dcu,app.kubernetes.io/instance=pulse-dcu-<tenant-sid>"

Check the output to ensure that all pulse-dcu pods are running, for example:

NAME              READY   STATUS    RESTARTS   AGE
pulse-dcu-100-0   3/3     Running   0          5m23s
pulse-dcu-100-1   3/3     Running   0          4m47s

Install lds helm chart

Get the lds helm chart:

helm repo update
helm search repo  <pulsehelmrepo>/lds

Prepare the override file:

Update values in the values-override-lds.yaml file (AKS):

# Default values for lds.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: 2
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-lds-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext: {}
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
 
# * Configuration for the LDS container
lds:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "50Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext: {}
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext: {}
 
# *  Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext: {}

Update values in the values-override-lds.yaml file (GKE):

# Default values for lds.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: 2
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-lds-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 0
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
 
# * Configuration for the LDS container
lds:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "50Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# *  Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500

Update values in the values-override-lds.yaml file (OpenShift):

# Default values for lds.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
replicaCount: 2
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-lds-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
# * Container image common settings
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
## Service account settings
serviceAccount:
  # Specifies whether a service account should be created
  create: false
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 
## Add annotations to all pods
##
podAnnotations: {}
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 0
 
## Add labels to all pods
##
podLabels: {}
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
 
# * Monitoring settings
monitoring:
  # enable the Prometheus metrics endpoint
  enabled: false
  # enable golden signals metrics (not supported for PE)
  # not needed since 100.0.000.0015
  goldenSignals:
    enabled: false
  # port number of the Prometheus metrics endpoint
  port: 9091
  # HTTP path to scrape for metrics
  path: /metrics
  # additional annotations required for monitoring PODs
  # you can reference values of other variables as {{.Values.variable.full.name}}
  podAnnotations: {}
  # additional annotations required for monitoring Service
  # you can reference values of other variables as {{.Values.variable.full.name}}
  # available since 100.0.000.0015
  serviceAnnotations: {}       
    # prometheus.io/scrape: "true"
    # prometheus.io/port: "{{.Values.monitoring.port}}"
    # prometheus.io/path: "/metrics"
  podMonitor:
    # enables PodMonitor creation for the POD
    enabled: true
    # interval at which metrics should be scraped
    scrapeInterval: 30s
    # timeout after which the scrape is ended
    scrapeTimeout:
    # namespace of the PodMonitor, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
  alerts:
    # enables alert rules
    enabled: true
    # alert condition duration
    duration: 5m
    # namespace of the alert rules, defaults to the namespace of the POD
    namespace:
    additionalLabels: {}
 
# * Configuration for the LDS container
lds:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "50Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "4Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "4000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Configuration for the monitor sidecar container
monitorSidecar:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "30Mi"
      # minimal CPU to reserve
      cpu: "2m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "70Mi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "10m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# *  Configuration for the Configuration Server Proxy container
csproxy:
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500

Update values in the values-override-lds-vq.yaml file:

# Default values for lds.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
lds:
  params:
    cfgApp: "pulse-lds-vq-$((K8S_POD_INDEX % 2))"
 
log:
  pvc:
    name: pulse-lds-vq-logs

Install the lds helm chart:
To install the lds helm chart, run the following command:

helm upgrade --install "pulse-lds-<tenant-sid>"    pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml
helm upgrade --install "pulse-lds-vq-<tenant-sid>" pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml -f values-override-lds-vq.yaml

If the installation is successful, the exit code 0 appears.

Validate the lds helm chart:
To validate the lds helm chart, run the following command:

kubectl get pods -n=pulse -l "app.kubernetes.io/name=lds,app.kubernetes.io/instance=pulse-lds-<tenant-sid>"

Verify that the command reports all pulse-lds-vq pods as Running, for example:

NAME              READY   STATUS    RESTARTS   AGE
pulse-lds-100-0   3/3     Running   0          2d20h
pulse-lds-100-1   3/3     Running   0          2d20h

Install permissions helm chart

Get the permissions helm chart

helm repo update
helm search repo <pulsehelmrepo>/permissions

Prepare the override file:

Update values in the values-override-permissions.yaml file (AKS):

# Default values for permissions.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Image configuration
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  # Redis config map name
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext: {}
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-permissions-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
## Specifies the security context for all Pods in the service
##
podSecurityContext: {}
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: "1Gi"
    cpu: "500m"
  requests:
    memory: "400Mi"
    cpu: "50m"
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

Update values in the values-override-permissions.yaml file (GKE):

# Default values for permissions.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Image configuration
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  # Redis config map name
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # define domain for the configuration host
  params:
    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-permissions-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: "1Gi"
    cpu: "500m"
  requests:
    memory: "400Mi"
    cpu: "50m"
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

Update values in the values-override-permissions.yaml file (OpenShift):

# Default values for permissions.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
 
# * Image configuration
image:
  tag: "<image-version>"
  pullPolicy: IfNotPresent
  registry: "<docker-registry>"
  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 
# * Tenant info
# tenant identification, or empty for shared deployment
tenant:
  # Tenant UUID
  id: "<tenant-uuid>"
  # Tenant SID (like 0001)
  sid: "<tenant-sid>"
 
# common configuration.
config:
  dbName: "<db-name>"
  # set "true" when need @host added for username
  dbUserWithHost: true
  # set "true" for CSI secrets
  mountSecrets: false
  # Postgres config map name
  postgresConfig: "pulse-postgres-configmap"
  # Postgres secret name
  postgresSecret: "pulse-postgres-secret"
  # Postgres secret key for user
  postgresSecretUser: "META_DB_ADMIN"
  # Postgres secret key for password
  postgresSecretPassword: "META_DB_ADMINPWD"
  # Redis config map name
  redisConfig: "pulse-redis-configmap"
  # Redis secret name
  redisSecret: "pulse-redis-secret"
  # Redis secret key for access key
  redisSecretKey: "REDIS01_KEY"
 
 
# * Configuration for the Configuration Server Proxy container
csproxy:
  # resource limits for container
  resources:
    # minimum resource requirements to start container
    requests:
      # minimal amount of memory required to start a container
      memory: "200Mi"
      # minimal CPU to reserve
      cpu: "50m"
    # resource limits for containers
    limits:
      # maximum amount of memory a container can use before being evicted
      # by the OOM Killer
      memory: "2Gi"
      # maximum amount of CPU resources that can be used and should be tuned to reflect
      # what the application can effectively use before needing to be horizontally scaled out
      cpu: "1000m"
  # securityContext:
  #   runAsUser: 500
  #   runAsGroup: 500
 
# * Common log configuration
log:
  # target directory where log will be stored, leave empty for default
  logDir: ""
  # path where volume will be mounted
  volumeMountPath: /data/log
  # log volume type: none | hostpath | pvc
  volumeType: pvc
  # log volume hostpath, used with volumeType "hostpath"
  volumeHostPath: /mnt/log
  # log PVC parameters, used with volumeType "pvc"
  pvc:
    name: pulse-permissions-logs
    accessModes:
      - ReadWriteMany
    capacity: 10Gi
    class: <pv-storage-class-rw-many>
 
## Specifies the security context for all Pods in the service
##
podSecurityContext:
   fsGroup: null
   runAsUser: null
   runAsGroup: 0
   runAsNonRoot: true
 
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  limits:
    memory: "1Gi"
    cpu: "500m"
  requests:
    memory: "400Mi"
    cpu: "50m"
 
## HPA Settings
## Not supported in this release!
hpa:
  enabled: false
 
## Priority Class
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""
 
## Node labels for assignment.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
 
## Tolerations for assignment.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
 
## Pod Disruption Budget Settings
podDisruptionBudget:
  enabled: false
 
## Affinity for assignment.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

Install the permissions helm chart: To install the permissions helm chart, run the following command:

helm upgrade --install "pulse-permissions-<tenant-sid>" pulsehelmrepo/permissions --wait --version="<chart-version>" --namespace=pulse -f values-override-permissions.yaml

If installation is successful, the exit code 0 appears.

Validate the permissions helm chart:
To validate the permissions helm chart, run the following command:

kubectl get pods -n=pulse -l "app.kubernetes.io/name=permissions,app.kubernetes.io/instance=pulse-permissions-<tenant-sid>"

Verify that the command report all pulse-permissions pods as Running, for example:

NAME                                    READY   STATUS    RESTARTS   AGE
pulse-permissions-100-c5ff8bb7d-jl7d7   2/2     Running   2          2d20h

Troubleshooting

Check init-tenant helm chart manifests:
To output the manifest into the helm-template directory, run the following command:

helm template --version=<chart-version> --namespace=pulse --debug --output-dir helm-template pulse-init-tenant-<tenant-sid> pulsehelmrepo/init-tenant -f values-override-init-tenant.yaml

Check dcu helm chart manifests:
To output the dcu Helm chart manifest into the helm-template directory, run the following command:

helm template --version=<chart-version> --namespace=pulse --debug --output-dir helm-template pulse-dcu-<tenant-sid> pulsehelmrepo/dcu -f values-override-dcu.yaml

Check lds helm chart manifests:
To output the lds chart manifest into the helm-template directory, run the following command:

helm template --version=<chart-version> --namespace=pulse --debug --output-dir helm-template pulse-lds-<tenant-sid> pulsehelmrepo/lds -f values-override-lds.yaml

Check permissions Helm chart manifests:
To output the Helm chart manifest into the helm-template directory, run the following command:

helm template --version=<chart-version> --namespace=pulse --debug --output-dir helm-template pulse-permissions pulsehelmrepo/permissions -f values-override-permissions.yaml

Configure security

Arbitrary UIDs

If your OpenShift deployment uses arbitrary UIDs, you must override the securityContext settings. By default, the user and group IDs are set to 500:500:500. For more information about how to update the podSecurityContext section in the YAML file for each chart, see OpenShift security settings.

Genesys Pulse Private Edition Guide

Overview

Configure and deploy

Upgrade, roll back, or uninstall

Observability

Difference between revisions of "PEC-REP/Current/PulsePEGuide/Provision"

Revision as of 18:46, September 7, 2022

Contents

Prerequisites

Single namespace

Tenant provisioning

Install init tenant chart

Install dcu helm chart

Install lds helm chart

Install permissions helm chart

Troubleshooting

Configure security

Arbitrary UIDs

@@ Line 11: / Line 11: @@
 *Versions:
-**<image-version> = 100.0.000.0012
+**<image-version> = 100.0.000.0015
-**<chart-versions>= 100.0.000+0012
+**<chart-versions>= 100.0.000+0015
 *K8S namespace pulse
 *Project Name pulse
@@ Line 47: / Line 47: @@
 *Pulse:
 **<pulse-host>
-*Domain:
-**<domain> example: site.domain.com
+{{AnchorDiv|SingleNamespace}}
+===Single namespace===
+Single namespace deployments have a software-defined networking (SDN) with multitenant mode, where namespaces are network isolated. If you plan to deploy Pulse into the single namespace (OpenShift SDN Multi-tenant mode where namespaces are network isolated), ensure that your environment meets the following requirements for inputs:
+*Back-end services deployed into the single namespace must include the string ''pulse'':
+**<db-host>
+**<db-name>
+**<redis-host>
+*The hostname used for Ingress must be unique, and must include the string ''pulse'':
+**<pulse-host>
+*Internal service-to-service traffic must use the service endpoints, rather than the Ingress Controller:
+**<gauth-url-internal>
+**<gws-url-internal><nowiki></source></nowiki>
 |Status=No
 }}{{Section
@@ Line 60: / Line 72: @@
 '''Prepare the override file:'''
-*Update the <tt>values-override-init-tenant.yaml</tt>  file (GKE):
+*Update the <tt>values-override-init-tenant.yaml</tt>  file (AKS):
-*:{{NoteFormat|Enable configurator only for configurations in GKE with VPC scoped DNS, or OpenShift with single namespace.
-}}
 *:<source lang="bash"># Default values for init-tenant.
 # This is a YAML-formatted file.
@@ Line 95: / Line 104: @@
    cfgPassword: "password"
    # common log configuration
-   cfgHost: "tenant-<tenant-uuid>.voice.svc.<domain>"
+   cfgHost: "tenant-9350e2fc-a1dd-4c65-8d40-1f75a2e080dd.voice.svc.<domain>"
 log:
@@ Line 112: / Line 121: @@
        - ReadWriteMany
      capacity: 10Gi
-     class: nfs-client
+     class: <pv-storage-class-rw-many>
 # * Tenant info
@@ Line 154: / Line 163: @@
 ## Specifies the security context for all Pods in the service
 ##
-podSecurityContext:
+podSecurityContext: {}
-   fsGroup: null
-   runAsUser: null
-   runAsGroup: 0
-   runAsNonRoot: true
 ## Resource requests and limits
@@ Line 212: / Line 217: @@
    - Twitter_Media_Activity.gpb
    - eServices_Agent_Activity.gpb
-   - eServices_Queue_KPIs.gpb
+   - eServices_Queue_KPIs.gpb</source>
-</source>
-*Update the <tt>values-override-init-tenant.yaml</tt>  file (OpenShift):
+*Update the <tt>values-override-init-tenant.yaml</tt>  file (GKE):
-*:<source lang="bash">
+*:{{NoteFormat|Enable configurator only for configurations in GKE with VPC scoped DNS, or OpenShift with single namespace.
-# Default values for init-tenant.
+}}
+*:<source lang="bash"># Default values for init-tenant.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
@@ Line 228: / Line 235: @@
    imagePullSecrets: [name: "<docker-registry-secret-name>"]
-# * Tenant info
+configurator:
-# Replace for your values
+  enabled: true
-tenant:
+  # set service domain used to access voice service
-   # Tenant UUID
+  # example for GKE VPC case: voice.svc.gke1-uswest1.gcpe002.gencpe.com
-   id: <tenant-uuid>
+  # example for OpenShift single namespace: genesys.svc.cluster.local.
-   # Tenant SID (like 0001)
+  voiceDomain: "voice.svc.<domain>"
-   sid: <tenant-sid>
+  # set service domain used to access ixn service
+  # example for GKE VPC case: ixn.svc.gke1-uswest1.gcpe002.gencpe.com
+   # example for OpenShift single namespace: genesys.svc.cluster.local.
+   ixnDomain: "ixn.svc.<domain>"
+  # set service domain used to access pulse service
+  # example for GKE VPC case: pulse.svc.gke1-uswest1.gcpe002.gencpe.com
+  # example for OpenShift single namespace: genesys.svc.cluster.local.
+  pulseDomain: "pulse.svc.<domain>"
+   # set configration server password, used when create secrets
+   cfgUser: "default"
+  # set configration server user, used when create secrets
+  cfgPassword: "password"
+  # common log configuration
+  cfgHost: "tenant-<tenant-uuid>.voice.svc.<domain>"
-# common configuration.
+log:
+  # target directory where log will be stored, leave empty for default
+  logDir: ""
+  # path where volume will be mounted
+  volumeMountPath: /data/log
+  # log volume type: none | hostpath | pvc
+  volumeType: none
+  # log volume hostpath, used with volumeType "hostpath"
+  volumeHostPath: /mnt/log
+  # log PVC parameters, used with volumeType "pvc"
+  pvc:
+    name: pulse-init-tenant-logs
+    accessModes:
+      - ReadWriteMany
+    capacity: 10Gi
+    class: nfs-client
+# * Tenant info
+# Replace for your values
+tenant:
+  # Tenant UUID
+  id: <tenant-uuid>
+  # Tenant SID (like 0001)
+  sid: <tenant-sid>
+# common configuration.
 config:
    dbName: "<db-name>"
@@ Line 328: / Line 373: @@
    - eServices_Queue_KPIs.gpb
 </source>
+*Update the <tt>values-override-init-tenant.yaml</tt>  file (OpenShift):
-'''Install the <tt>init-tenant</tt> helm chart''': <br />
+*:<source lang="bash">
-To install the <tt>init-tenant</tt> helm chart, run the following command:
+# Default values for init-tenant.
-<source lang="bash">
-helm upgrade --install "pulse-init-tenant-<tenant-sid>" pulsehelmrepo/init-tenant --wait --wait-for-jobs --version="<chart-version>"--namespace=pulse -f values-override-init-tenant.yaml
-</source>
-If installation is successful, the exit code <tt>0</tt> appears.
-'''Validate the <tt>init-tenant</tt> helm chart''':<br />
-To validate the <tt>init-tenant</tt> helm chart, run the following command:
-<source lang="bash">
-kubectl get pods -n="pulse" -l "app.kubernetes.io/name=init-tenant,app.kubernetes.io/instance=pulse-init-tenant-<tenant-sid>"
-</source>
-If the deployment was successful, the <tt>pulse-init-tenant</tt> job is listed as <tt>Completed</tt>/.
-For example:
-<source lang="bash">
-NAME                                     READY   STATUS      RESTARTS   AGE
-pulse-init-tenant-100-job-qszgl          0/1     Completed   0          2d20h
-</source>
-===Install dcu helm chart===
-'''Get the <tt>dcu</tt> helm chart:'''
-<source lang="bash">
-helm repo update
-helm search repo <pulsehelmrepo>/dcu
-</source>
-'''Prepare the override file:'''
-*Update the <tt>values-override-dcu.yaml</tt> file (GKE):
-*:<source lang="bash"># Default values for dcu.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
-replicaCount: "<tenant-dcu>"
+# * Images
+# Replace for your values: registry and secret
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
 # * Tenant info
-# tenant identification, or empty for shared deployment
+# Replace for your values
 tenant:
    # Tenant UUID
-   id: "<tenant-uuid>"
+   id: <tenant-uuid>
    # Tenant SID (like 0001)
-   sid: "<tenant-sid>"
+   sid: <tenant-sid>
-# * Common log configuration
+# common configuration.
-log:
+config:
-  # target directory where log will be stored, leave empty for default
+   dbName: "<db-name>"
-  logDir: ""
+   # set "true" when need @host added for username
-  # path where volume will be mounted
+   dbUserWithHost: true
-  volumeMountPath: /data/log
+  # set "true" for CSI secrets
-  # log volume type: none | hostpath | pvc
+   mountSecrets: false
-  volumeType: pvc
+  # Postgres config map name
-  # log volume hostpath, used with volumeType "hostpath"
+   postgresConfig: "pulse-postgres-configmap"
-  volumeHostPath: /mnt/log
-  # log PVC parameters, used with volumeType "pvc"
-  pvc:
-    name: pulse-dcu-logs
-    accessModes:
-      - ReadWriteMany
-    capacity: 10Gi
-    class: <pv-storage-class-rw-many>
-# * Config info
-# Set your values.
-config:
-   dbName: "<db-name>"
-   # set "true" when need @host added for username
-   dbUserWithHost: true
-   mountSecrets: false
-   postgresConfig: "pulse-postgres-configmap"
    # Postgres secret name
    postgresSecret: "pulse-postgres-secret"
@@ Line 405: / Line 410: @@
    # Postgres secret key for password
    postgresSecretPassword: "META_DB_ADMINPWD"
-  redisConfig: "pulse-redis-configmap"
-  # Redis secret name
-  redisSecret: "pulse-redis-secret"
-  # Redis secret key for access key
-  redisSecretKey: "REDIS01_KEY"
-# * Image
+## Service account settings
-# container image common settings
+serviceAccount:
-image:
+   # Specifies whether a service account should be created
-  tag: "<image-version>"
+   create: false
-  pullPolicy: IfNotPresent
-  registry: "<docker-registry>"
-  imagePullSecrets: [name: "<docker-registry-secret-name>"]
-## Service account settings
-serviceAccount:
-   # Specifies whether a service account should be created
-   create: false
    # Annotations to add to the service account
    annotations: {}
@@ Line 436: / Line 428: @@
 ##
 podSecurityContext:
-  runAsNonRoot: true
+   fsGroup: null
-  runAsUser: 500
+   runAsUser: null
-  runAsGroup: 500
+   runAsGroup: 0
-  fsGroup: 0
+   runAsNonRoot: true
-## Add labels to all pods
+## Resource requests and limits
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
 ##
-podLabels: {}
+resources:
+  limits:
+    memory: 256Mi
+    cpu: 200m
+  requests:
+    memory: 128Mi
+    cpu: 100m
-## HPA Settings
+## Priority Class
-## Not supported in this release!
-hpa:
-  enabled: false
-## Priority Class
 ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
 ##
@@ Line 465: / Line 459: @@
 tolerations: []
-## Pod Disruption Budget Settings
+# * Templates
-podDisruptionBudget:
+templates:
-   enabled: false
+   - Agent_Group_Status.gpb
+  - Agent_KPIs.gpb
-## Affinity for assignment.
+  - Agent_Login.gpb
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+  - Alert_Widget.gpb
-##
+  - Callback_Activity.gpb
-affinity: {}
+  - Campaign_Activity.gpb
+  - Campaign_Callback_Status.gpb
-# * Monitoring settings
+  - Campaign_Group_Activity.gpb
-monitoring:
+  - Campaign_Group_Status.gpb
-   # enable the Prometheus metrics endpoint
+  - Chat_Agent_Activity.gpb
-   enabled: false
+  - Chat_Queue_Activity.gpb
-   # enable golden signals metrics (not supported for PE)
+  - Chat_Service_Level_Performance.gpb
-   goldenSignals:
+  - Chat_Waiting_Statistics.gpb
-    enabled: false
+  - Email_Agent_Activity.gpb
-   # port number of the Prometheus metrics endpoint
+  - Email_Queue_Activity.gpb
-   port: 9091
+  - Facebook_Media_Activity.gpb
-   # HTTP path to scrape for metrics
+   - IFRAME.gpb
-   path: /metrics
+   - IWD_Agent_Activity.gpb
-  # additional annotations required for monitoring PODs
+   - IWD_Queue_Activity.gpb
-  # you can reference values of other variables as {{.Values.variable.full.name}}
+   - Queue_KPIs.gpb
-  podAnnotations: {}
+  - Queue_Overflow_Reason.gpb
-    # prometheus.io/scrape: "true"
+   - Static_Text.gpb
-    # prometheus.io/port: "{{.Values.monitoring.port}}"
+   - Twitter_Media_Activity.gpb
-    # prometheus.io/path: "/metrics"
+   - eServices_Agent_Activity.gpb
-   podMonitor:
+   - eServices_Queue_KPIs.gpb
-     # enables PodMonitor creation for the POD
+</source>
-    enabled: true
-    # interval at which metrics should be scraped
+'''Install the <tt>init-tenant</tt> helm chart''': <br />
-    scrapeInterval: 30s
+To install the <tt>init-tenant</tt> helm chart, run the following command:
-    # timeout after which the scrape is ended
+<source lang="bash">
-    scrapeTimeout:
+helm upgrade --install "pulse-init-tenant-<tenant-sid>" pulsehelmrepo/init-tenant --wait --wait-for-jobs --version="<chart-version>"--namespace=pulse -f values-override-init-tenant.yaml
-    # namespace of the PodMonitor, defaults to the namespace of the POD
+</source>
-    namespace:
+If installation is successful, the exit code <tt>0</tt> appears.
-    additionalLabels: {}
-  alerts:
+'''Validate the <tt>init-tenant</tt> helm chart''':<br />
-    # enables alert rules
+To validate the <tt>init-tenant</tt> helm chart, run the following command:
-    enabled: true
+<source lang="bash">
-    # alert condition duration
+kubectl get pods -n="pulse" -l "app.kubernetes.io/name=init-tenant,app.kubernetes.io/instance=pulse-init-tenant-<tenant-sid>"
-    duration: 5m
+</source>
-    # namespace of the alert rules, defaults to the namespace of the POD
+If the deployment was successful, the <tt>pulse-init-tenant</tt> job is listed as <tt>Completed</tt>/.
-    namespace:
+For example:
-    additionalLabels: {}
+<source lang="bash">
+NAME                                     READY   STATUS      RESTARTS   AGE
+pulse-init-tenant-100-job-qszgl          0/1     Completed   0          2d20h
+</source>
+===Install dcu helm chart===
+'''Get the <tt>dcu</tt> helm chart:'''
+<source lang="bash">
+helm repo update
+helm search repo <pulsehelmrepo>/dcu
+</source>
+'''Prepare the override file:'''
+*Update the <tt>values-override-dcu.yaml</tt> file (AKS):
+*:<source lang="bash"># Default values for dcu.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
-##########################################################################
+replicaCount: "<tenant-dcu>"
-# * Configuration for the Collector container
+# * Tenant info
-collector:
+# tenant identification, or empty for shared deployment
-   # resource limits for container
+tenant:
-   resources:
+   # Tenant UUID
-    # minimum resource requirements to start container
+   id: "<tenant-uuid>"
-    requests:
+  # Tenant SID (like 0001)
-      # minimal amount of memory required to start a container
+  sid: "<tenant-sid>"
-      memory: "300Mi"
-      # minimal CPU to reserve
-      cpu: "200m"
-    # resource limits for containers
-    limits:
-      # maximum amount of memory a container can use before being evicted
-      # by the OOM Killer
-      memory: "4Gi"
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
-      # what the application can effectively use before needing to be horizontally scaled out
-      cpu: "8000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# * Configuration for the StatServer container
+# * Common log configuration
-statserver:
+log:
-   # resource limits for container
+   # target directory where log will be stored, leave empty for default
-   resources:
+   logDir: ""
-    # minimum resource requirements to start container
+  # path where volume will be mounted
-    requests:
+  volumeMountPath: /data/log
-      # minimal amount of memory required to start a container
+  # log volume type: none | hostpath | pvc
-      memory: "300Mi"
+  volumeType: pvc
-      # minimal CPU to reserve
+  # log volume hostpath, used with volumeType "hostpath"
-      cpu: "100m"
+  volumeHostPath: /mnt/log
-    # resource limits for containers
+  # log PVC parameters, used with volumeType "pvc"
-    limits:
+  pvc:
-      # maximum amount of memory a container can use before being evicted
+    name: pulse-dcu-logs
-      # by the OOM Killer
+    accessModes:
-      memory: "4Gi"
+      - ReadWriteMany
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+    capacity: 10Gi
-      # what the application can effectively use before needing to be horizontally scaled out
+    class: <pv-storage-class-rw-many>
-      cpu: "4000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# * Configuration for the monitor sidecar container
+# * Config info
-monitorSidecar:
+# Set your values.
-   # resource limits for container
+config:
-   resources:
+  dbName: "<db-name>"
-    # disabled: true
+   # set "true" when need @host added for username
-    # minimum resource requirements to start container
+   dbUserWithHost: true
-    requests:
+  mountSecrets: false
-      # minimal amount of memory required to start a container
+  postgresConfig: "pulse-postgres-configmap"
-      memory: "30Mi"
+  # Postgres secret name
-      # minimal CPU to reserve
+  postgresSecret: "pulse-postgres-secret"
-      cpu: "2m"
+  # Postgres secret key for user
-    # resource limits for containers
+  postgresSecretUser: "META_DB_ADMIN"
-    limits:
+  # Postgres secret key for password
-      # maximum amount of memory a container can use before being evicted
+  postgresSecretPassword: "META_DB_ADMINPWD"
-      # by the OOM Killer
+  redisConfig: "pulse-redis-configmap"
-      memory: "70Mi"
+   # Redis secret name
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+   redisSecret: "pulse-redis-secret"
-      # what the application can effectively use before needing to be horizontally scaled out
+   # Redis secret key for access key
-      cpu: "10m"
+   redisSecretKey: "REDIS01_KEY"
-   # securityContext:
-   #   runAsUser: 500
-   #   runAsGroup: 500
-##########################################################################
+# * Image
+# container image common settings
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
-# * Configuration for the Configuration Server Proxy container
+## Service account settings
-csproxy:
+serviceAccount:
-   # define domain for the configuration host
+   # Specifies whether a service account should be created
-   params:
+   create: false
-    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+   # Annotations to add to the service account
-   # resource limits for container
+   annotations: {}
-   resources:
+  # The name of the service account to use.
-    # minimum resource requirements to start container
+  # If not set and create is true, a name is generated using the fullname template
-    requests:
+  name: ""
-      # minimal amount of memory required to start a container
-      memory: "200Mi"
+## Add annotations to all pods
-      # minimal CPU to reserve
+##
-      cpu: "50m"
+podAnnotations: {}
-    # resource limits for containers
-    limits:
-      # maximum amount of memory a container can use before being evicted
-      # by the OOM Killer
-      memory: "2Gi"
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
-      # what the application can effectively use before needing to be horizontally scaled out
-      cpu: "1000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# volumeClaims contains persistent volume claims for services
+## Specifies the security context for all Pods in the service
-# All available storage classes can be found here:
+##
-# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
+podSecurityContext: {}
-volumeClaims:
-  # statserverBackup is storage for statserver backup data
+## Add labels to all pods
-  statserverBackup:
+##
-    name: statserver-backup
+podLabels: {}
-    accessModes:
-      - ReadWriteOnce
-    # capacity is storage capacity
-    capacity: "1Gi"
-    # class is storage class. Must be set explicitly.
-    class: <pv-storage-class-rw-once>
-</source>
-*Update the <tt>values-override-dcu.yaml</tt> file (OpenShift):
-*:<source lang="bash">
-# Default values for dcu.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-replicaCount: "<tenant-dcu>"
+## HPA Settings
+## Not supported in this release!
+hpa:
+  enabled: false
-# * Tenant info
+## Priority Class
-# tenant identification, or empty for shared deployment
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
-tenant:
+##
-  # Tenant UUID
+priorityClassName: ""
-  id: "<tenant-uuid>"
-  # Tenant SID (like 0001)
-  sid: "<tenant-sid>"
-# * Common log configuration
+## Node labels for assignment.
-log:
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
-  # target directory where log will be stored, leave empty for default
+##
-  logDir: ""
+nodeSelector: {}
-  # path where volume will be mounted
-  volumeMountPath: /data/log
-  # log volume type: none | hostpath | pvc
-  volumeType: pvc
-  # log volume hostpath, used with volumeType "hostpath"
-  volumeHostPath: /mnt/log
-  # log PVC parameters, used with volumeType "pvc"
-  pvc:
-    name: pulse-dcu-logs
-    accessModes:
-      - ReadWriteMany
-    capacity: 10Gi
-    class: <pv-storage-class-rw-many>
-# * Config info
+## Tolerations for assignment.
-# Set your values.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
-config:
+##
-  dbName: "<db-name>"
+tolerations: []
-  # set "true" when need @host added for username
-  dbUserWithHost: true
-  mountSecrets: false
-  postgresConfig: "pulse-postgres-configmap"
-  # Postgres secret name
-  postgresSecret: "pulse-postgres-secret"
-  # Postgres secret key for user
-  postgresSecretUser: "META_DB_ADMIN"
-  # Postgres secret key for password
-  postgresSecretPassword: "META_DB_ADMINPWD"
-  redisConfig: "pulse-redis-configmap"
-  # Redis secret name
-  redisSecret: "pulse-redis-secret"
-  # Redis secret key for access key
-  redisSecretKey: "REDIS01_KEY"
-# * Image
+## Pod Disruption Budget Settings
-# container image common settings
+podDisruptionBudget:
-image:
+   enabled: false
-  tag: "<image-version>"
-   pullPolicy: IfNotPresent
-  registry: "<docker-registry>"
-  imagePullSecrets: [name: "<docker-registry-secret-name>"]
-## Service account settings
+## Affinity for assignment.
-serviceAccount:
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-  # Specifies whether a service account should be created
-  create: false
-  # Annotations to add to the service account
-  annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
-  name: ""
-## Add annotations to all pods
 ##
-podAnnotations: {}
+affinity: {}
-## Specifies the security context for all Pods in the service
+# * Monitoring settings
-##
+monitoring:
-podSecurityContext:
+  # enable the Prometheus metrics endpoint
-   runAsNonRoot: true
+  enabled: false
-   runAsUser: 500
+  # enable golden signals metrics (not supported for PE)
-  runAsGroup: 500
+  goldenSignals:
-  fsGroup: 0
+    enabled: false
+  # port number of the Prometheus metrics endpoint
+  port: 9091
+  # HTTP path to scrape for metrics
+  path: /metrics
+  # additional annotations required for monitoring PODs
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  podAnnotations: {}
+    # prometheus.io/scrape: "true"
+    # prometheus.io/port: "{{.Values.monitoring.port}}"
+    # prometheus.io/path: "/metrics"
+   podMonitor:
+    # enables PodMonitor creation for the POD
+    enabled: true
+    # interval at which metrics should be scraped
+    scrapeInterval: 30s
+    # timeout after which the scrape is ended
+    scrapeTimeout:
+    # namespace of the PodMonitor, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+   alerts:
+    # enables alert rules
+    enabled: true
+    # alert condition duration
+    duration: 5m
+    # namespace of the alert rules, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
-## Add labels to all pods
+##########################################################################
-##
-podLabels: {}
-## HPA Settings
+# * Configuration for the Collector container
-## Not supported in this release!
+collector:
-hpa:
+  # resource limits for container
-   enabled: false
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "300Mi"
+      # minimal CPU to reserve
+      cpu: "200m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "8000m"
+   # securityContext: {}
-## Priority Class
+# * Configuration for the StatServer container
-## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+statserver:
-##
+  # resource limits for container
-priorityClassName: ""
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "300Mi"
+      # minimal CPU to reserve
+      cpu: "100m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "4000m"
+  # securityContext: {}
-## Node labels for assignment.
+# * Configuration for the monitor sidecar container
-## ref: https://kubernetes.io/docs/user-guide/node-selection/
+monitorSidecar:
-##
+  # resource limits for container
-nodeSelector: {}
+  resources:
+    # disabled: true
-## Tolerations for assignment.
+    # minimum resource requirements to start container
-## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    requests:
-##
+      # minimal amount of memory required to start a container
-tolerations: []
+      memory: "30Mi"
+      # minimal CPU to reserve
+      cpu: "2m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "70Mi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "10m"
+  # securityContext: {}
-## Pod Disruption Budget Settings
+##########################################################################
-podDisruptionBudget:
-  enabled: false
-## Affinity for assignment.
+# * Configuration for the Configuration Server Proxy container
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+csproxy:
-##
+   # define domain for the configuration host
-affinity: {}
+   params:
+     cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
-# * Monitoring settings
+   # resource limits for container
-monitoring:
+   resources:
-  # enable the Prometheus metrics endpoint
+    # minimum resource requirements to start container
-  enabled: false
+    requests:
-   # enable golden signals metrics (not supported for PE)
+      # minimal amount of memory required to start a container
-   goldenSignals:
+      memory: "200Mi"
-     enabled: false
+      # minimal CPU to reserve
-   # port number of the Prometheus metrics endpoint
+      cpu: "50m"
-   port: 9091
+     # resource limits for containers
-  # HTTP path to scrape for metrics
+     limits:
-  path: /metrics
+      # maximum amount of memory a container can use before being evicted
-  # additional annotations required for monitoring PODs
+      # by the OOM Killer
-  # you can reference values of other variables as {{.Values.variable.full.name}}
+      memory: "2Gi"
-  podAnnotations: {}
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
-    # prometheus.io/scrape: "true"
+      # what the application can effectively use before needing to be horizontally scaled out
-    # prometheus.io/port: "{{.Values.monitoring.port}}"
+      cpu: "1000m"
-    # prometheus.io/path: "/metrics"
+  # securityContext: {}
-  podMonitor:
-     # enables PodMonitor creation for the POD
-     enabled: true
-    # interval at which metrics should be scraped
-    scrapeInterval: 30s
-    # timeout after which the scrape is ended
-    scrapeTimeout:
-    # namespace of the PodMonitor, defaults to the namespace of the POD
-    namespace:
-    additionalLabels: {}
-  alerts:
-    # enables alert rules
-    enabled: true
-    # alert condition duration
-    duration: 5m
-    # namespace of the alert rules, defaults to the namespace of the POD
-    namespace:
-    additionalLabels: {}
-##########################################################################
+# volumeClaims contains persistent volume claims for services
+# All available storage classes can be found here:
-# * Configuration for the Collector container
+# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
-collector:
+volumeClaims:
-   # resource limits for container
+   # statserverBackup is storage for statserver backup data
-   resources:
+   statserverBackup:
-     # minimum resource requirements to start container
+     name: statserver-backup
-     requests:
+     accessModes:
-       # minimal amount of memory required to start a container
+       - ReadWriteOnce
-      memory: "300Mi"
+    # capacity is storage capacity
-      # minimal CPU to reserve
+    capacity: "1Gi"
-      cpu: "200m"
+     # class is storage class. Must be set explicitly.
-     # resource limits for containers
+     class: <pv-storage-class-rw-once>
-     limits:
+</source>
-      # maximum amount of memory a container can use before being evicted
-      # by the OOM Killer
+*Update the <tt>values-override-dcu.yaml</tt> file (GKE):
-      memory: "4Gi"
+*:<source lang="bash"># Default values for dcu.
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+# This is a YAML-formatted file.
-      # what the application can effectively use before needing to be horizontally scaled out
+# Declare variables to be passed into your templates.
-      cpu: "8000m"
-  # securityContext:
+replicaCount: "<tenant-dcu>"
-   #   runAsUser: 500
-   #   runAsGroup: 500
+# * Tenant info
+# tenant identification, or empty for shared deployment
+tenant:
+   # Tenant UUID
+   id: "<tenant-uuid>"
+   # Tenant SID (like 0001)
+   sid: "<tenant-sid>"
-# * Configuration for the StatServer container
+# * Common log configuration
-statserver:
+log:
-   # resource limits for container
+   # target directory where log will be stored, leave empty for default
-   resources:
+   logDir: ""
-    # minimum resource requirements to start container
+  # path where volume will be mounted
-    requests:
+  volumeMountPath: /data/log
-      # minimal amount of memory required to start a container
+  # log volume type: none | hostpath | pvc
-      memory: "300Mi"
+  volumeType: pvc
-      # minimal CPU to reserve
+  # log volume hostpath, used with volumeType "hostpath"
-      cpu: "100m"
+  volumeHostPath: /mnt/log
-    # resource limits for containers
+  # log PVC parameters, used with volumeType "pvc"
-    limits:
+  pvc:
-      # maximum amount of memory a container can use before being evicted
+    name: pulse-dcu-logs
-      # by the OOM Killer
+    accessModes:
-      memory: "4Gi"
+      - ReadWriteMany
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+    capacity: 10Gi
-      # what the application can effectively use before needing to be horizontally scaled out
+    class: <pv-storage-class-rw-many>
-      cpu: "4000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# * Configuration for the monitor sidecar container
+# * Config info
-monitorSidecar:
+# Set your values.
-   # resource limits for container
+config:
-   resources:
+  dbName: "<db-name>"
-    # disabled: true
+   # set "true" when need @host added for username
-    # minimum resource requirements to start container
+   dbUserWithHost: true
-    requests:
+  mountSecrets: false
-      # minimal amount of memory required to start a container
+  postgresConfig: "pulse-postgres-configmap"
-      memory: "30Mi"
+  # Postgres secret name
-      # minimal CPU to reserve
+  postgresSecret: "pulse-postgres-secret"
-      cpu: "2m"
+  # Postgres secret key for user
-    # resource limits for containers
+  postgresSecretUser: "META_DB_ADMIN"
-    limits:
+  # Postgres secret key for password
-      # maximum amount of memory a container can use before being evicted
+  postgresSecretPassword: "META_DB_ADMINPWD"
-      # by the OOM Killer
+  redisConfig: "pulse-redis-configmap"
-      memory: "70Mi"
+   # Redis secret name
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+   redisSecret: "pulse-redis-secret"
-      # what the application can effectively use before needing to be horizontally scaled out
+   # Redis secret key for access key
-      cpu: "10m"
+   redisSecretKey: "REDIS01_KEY"
-   # securityContext:
-   #   runAsUser: 500
-   #   runAsGroup: 500
-##########################################################################
+# * Image
+# container image common settings
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
+## Service account settings
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
-# * Configuration for the Configuration Server Proxy container
+## Add annotations to all pods
-csproxy:
+##
-  # resource limits for container
+podAnnotations: {}
-  resources:
-    # minimum resource requirements to start container
+## Specifies the security context for all Pods in the service
-    requests:
+##
-      # minimal amount of memory required to start a container
+podSecurityContext:
-      memory: "200Mi"
+   runAsNonRoot: true
-      # minimal CPU to reserve
+   runAsUser: 500
-      cpu: "50m"
+   runAsGroup: 500
-    # resource limits for containers
+  fsGroup: 0
-    limits:
-      # maximum amount of memory a container can use before being evicted
-      # by the OOM Killer
-      memory: "2Gi"
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
-      # what the application can effectively use before needing to be horizontally scaled out
-      cpu: "1000m"
-   # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# volumeClaims contains persistent volume claims for services
+## Add labels to all pods
-# All available storage classes can be found here:
+##
-# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
+podLabels: {}
-volumeClaims:
-  # statserverBackup is storage for statserver backup data
+## HPA Settings
-  statserverBackup:
+## Not supported in this release!
-    name: statserver-backup
+hpa:
-    accessModes:
+  enabled: false
-      - ReadWriteOnce
-    # capacity is storage capacity
+## Priority Class
-    capacity: "1Gi"
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
-    # class is storage class. Must be set explicitly.
+##
-    class: <pv-storage-class-rw-once></source>
+priorityClassName: ""
-'''Install the <tt>dcu</tt> helm chart'''<br />To install the <tt>dcu</tt> helm chart, run the following command:
+## Node labels for assignment.
-<source lang="bash">helm upgrade --install "pulse-dcu-<tenant-sid>"  pulsehelmrepo/dcu --wait --reuse-values --version=<chart-version> --namespace=pulse -f values-override-dcu.yaml
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
-</source>
+##
+nodeSelector: {}
-'''Validate the <tt>dcu</tt> helm chart'''<br />To validate the <tt>dcu</tt> helm chart, run the following command:
-<source lang="bash">kubectl get pods -n=pulse -l "app.kubernetes.io/name=dcu,app.kubernetes.io/instance=pulse-dcu-<tenant-sid>"
+## Tolerations for assignment.
-</source>
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
-Check the output to ensure that all <tt>pulse-dcu</tt> pods are running, for example:
+##
-<source lang="bash">
+tolerations: []
-NAME              READY   STATUS    RESTARTS   AGE
-pulse-dcu-100-0   3/3     Running   0          5m23s
-pulse-dcu-100-1   3/3     Running   0          4m47s
-</source>
-===Install lds helm chart===
-'''Get the <tt>lds</tt> helm chart:'''
-<source lang="bash">helm repo update
-helm search repo  <pulsehelmrepo>/lds</source>
-'''Prepare the override file:'''
-*Update values in the <tt>values-override-lds.yaml</tt> file (GKE):
-*:<source lang="bash"># Default values for lds.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-replicaCount: 2
+## Pod Disruption Budget Settings
+podDisruptionBudget:
+  enabled: false
-# * Tenant info
+## Affinity for assignment.
-# tenant identification, or empty for shared deployment
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-tenant:
+##
-  # Tenant UUID
+affinity: {}
-  id: "<tenant-uuid>"
-  # Tenant SID (like 0001)
-  sid: "<tenant-sid>"
-# * Common log configuration
+# * Monitoring settings
-log:
+monitoring:
-   # target directory where log will be stored, leave empty for default
+   # enable the Prometheus metrics endpoint
-   logDir: ""
+   enabled: false
-   # path where volume will be mounted
+   # enable golden signals metrics (not supported for PE)
-   volumeMountPath: /data/log
+   goldenSignals:
-   # log volume type: none | hostpath | pvc
+    enabled: false
-   volumeType: pvc
+   # port number of the Prometheus metrics endpoint
-   # log volume hostpath, used with volumeType "hostpath"
+   port: 9091
-   volumeHostPath: /mnt/log
+   # HTTP path to scrape for metrics
-   # log PVC parameters, used with volumeType "pvc"
+   path: /metrics
-   pvc:
+   # additional annotations required for monitoring PODs
-    name: pulse-lds-logs
+   # you can reference values of other variables as {{.Values.variable.full.name}}
-    accessModes:
+  podAnnotations: {}
-      - ReadWriteMany
+     # prometheus.io/scrape: "true"
-     capacity: 10Gi
+     # prometheus.io/port: "{{.Values.monitoring.port}}"
-     class: <pv-storage-class-rw-many>
+    # prometheus.io/path: "/metrics"
+   podMonitor:
-# * Container image common settings
+    # enables PodMonitor creation for the POD
-image:
+    enabled: true
-  tag: "<image-version>"
+    # interval at which metrics should be scraped
-  pullPolicy: IfNotPresent
+    scrapeInterval: 30s
-  registry: "<docker-registry>"
+    # timeout after which the scrape is ended
-   imagePullSecrets: [name: "<docker-registry-secret-name>"]
+    scrapeTimeout:
+    # namespace of the PodMonitor, defaults to the namespace of the POD
-## Service account settings
+    namespace:
-serviceAccount:
+    additionalLabels: {}
-  # Specifies whether a service account should be created
+   alerts:
-  create: false
+    # enables alert rules
-  # Annotations to add to the service account
+    enabled: true
-  annotations: {}
+    # alert condition duration
-  # The name of the service account to use.
+    duration: 5m
-   # If not set and create is true, a name is generated using the fullname template
+    # namespace of the alert rules, defaults to the namespace of the POD
-  name: ""
+    namespace:
+    additionalLabels: {}
-## Add annotations to all pods
+##########################################################################
-##
-podAnnotations: {}
-## Specifies the security context for all Pods in the service
+# * Configuration for the Collector container
-##
+collector:
-podSecurityContext:
+  # resource limits for container
-   runAsNonRoot: true
+  resources:
-   runAsUser: 500
+    # minimum resource requirements to start container
-   runAsGroup: 500
+    requests:
-  fsGroup: 0
+      # minimal amount of memory required to start a container
+      memory: "300Mi"
+      # minimal CPU to reserve
+      cpu: "200m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "8000m"
+   # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
-## Add labels to all pods
+# * Configuration for the StatServer container
-##
+statserver:
-podLabels: {}
+  # resource limits for container
+  resources:
-## HPA Settings
+    # minimum resource requirements to start container
-## Not supported in this release!
+    requests:
-hpa:
+      # minimal amount of memory required to start a container
-   enabled: false
+      memory: "300Mi"
+      # minimal CPU to reserve
+      cpu: "100m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "4000m"
+  # securityContext:
+  #   runAsUser: 500
+   #   runAsGroup: 500
-## Priority Class
+# * Configuration for the monitor sidecar container
-## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+monitorSidecar:
-##
+  # resource limits for container
-priorityClassName: ""
+  resources:
+    # disabled: true
-## Node labels for assignment.
+    # minimum resource requirements to start container
-## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    requests:
-##
+      # minimal amount of memory required to start a container
-nodeSelector: {}
+      memory: "30Mi"
+      # minimal CPU to reserve
+      cpu: "2m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "70Mi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "10m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
-## Tolerations for assignment.
+##########################################################################
-## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
-##
-tolerations: []
-## Pod Disruption Budget Settings
+# * Configuration for the Configuration Server Proxy container
-podDisruptionBudget:
+csproxy:
-   enabled: false
+  # define domain for the configuration host
+  params:
+    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "200Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "2Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "1000m"
+   # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
-## Affinity for assignment.
+# volumeClaims contains persistent volume claims for services
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+# All available storage classes can be found here:
-##
+# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
-affinity: {}
+volumeClaims:
+  # statserverBackup is storage for statserver backup data
+  statserverBackup:
+    name: statserver-backup
+    accessModes:
+      - ReadWriteOnce
+    # capacity is storage capacity
+    capacity: "1Gi"
+    # class is storage class. Must be set explicitly.
+    class: <pv-storage-class-rw-once>
+</source>
+*Update the <tt>values-override-dcu.yaml</tt> file (OpenShift):
+*:<source lang="bash">
+# Default values for dcu.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+replicaCount: "<tenant-dcu>"
-# * Monitoring settings
+# * Tenant info
-monitoring:
+# tenant identification, or empty for shared deployment
-  # enable the Prometheus metrics endpoint
+tenant:
-  enabled: false
+   # Tenant UUID
-  # enable golden signals metrics (not supported for PE)
+   id: "<tenant-uuid>"
-  goldenSignals:
+   # Tenant SID (like 0001)
-    enabled: false
+   sid: "<tenant-sid>"
-   # port number of the Prometheus metrics endpoint
-   port: 9091
-   # HTTP path to scrape for metrics
-  path: /metrics
-  # additional annotations required for monitoring PODs
-   # you can reference values of other variables as {{.Values.variable.full.name}}
-  podAnnotations: {}
-    # prometheus.io/scrape: "true"
-    # prometheus.io/port: "{{.Values.monitoring.port}}"
-    # prometheus.io/path: "/metrics"
-  podMonitor:
-    # enables PodMonitor creation for the POD
-    enabled: true
-    # interval at which metrics should be scraped
-    scrapeInterval: 30s
-    # timeout after which the scrape is ended
-    scrapeTimeout:
-    # namespace of the PodMonitor, defaults to the namespace of the POD
-    namespace:
-    additionalLabels: {}
-  alerts:
-    # enables alert rules
-    enabled: true
-    # alert condition duration
-    duration: 5m
-    # namespace of the alert rules, defaults to the namespace of the POD
-    namespace:
-    additionalLabels: {}
-# * Configuration for the LDS container
+# * Common log configuration
-lds:
+log:
-   # resource limits for container
+   # target directory where log will be stored, leave empty for default
-   resources:
+   logDir: ""
-    # minimum resource requirements to start container
+  # path where volume will be mounted
-    requests:
+  volumeMountPath: /data/log
-      # minimal amount of memory required to start a container
+  # log volume type: none | hostpath | pvc
-      memory: "50Mi"
+  volumeType: pvc
-      # minimal CPU to reserve
+  # log volume hostpath, used with volumeType "hostpath"
-      cpu: "50m"
+  volumeHostPath: /mnt/log
-    # resource limits for containers
+  # log PVC parameters, used with volumeType "pvc"
-    limits:
+  pvc:
-      # maximum amount of memory a container can use before being evicted
+    name: pulse-dcu-logs
-      # by the OOM Killer
+    accessModes:
-      memory: "4Gi"
+      - ReadWriteMany
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+    capacity: 10Gi
-      # what the application can effectively use before needing to be horizontally scaled out
+    class: <pv-storage-class-rw-many>
-      cpu: "4000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500
-# * Configuration for the monitor sidecar container
+# * Config info
-monitorSidecar:
+# Set your values.
-   # resource limits for container
+config:
-   resources:
+  dbName: "<db-name>"
-    # minimum resource requirements to start container
+   # set "true" when need @host added for username
-    requests:
+   dbUserWithHost: true
-      # minimal amount of memory required to start a container
+  mountSecrets: false
-      memory: "30Mi"
+  postgresConfig: "pulse-postgres-configmap"
-      # minimal CPU to reserve
+  # Postgres secret name
-      cpu: "2m"
+  postgresSecret: "pulse-postgres-secret"
-    # resource limits for containers
+  # Postgres secret key for user
-    limits:
+  postgresSecretUser: "META_DB_ADMIN"
-      # maximum amount of memory a container can use before being evicted
+  # Postgres secret key for password
-      # by the OOM Killer
+  postgresSecretPassword: "META_DB_ADMINPWD"
-      memory: "70Mi"
+  redisConfig: "pulse-redis-configmap"
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
+   # Redis secret name
-      # what the application can effectively use before needing to be horizontally scaled out
+   redisSecret: "pulse-redis-secret"
-      cpu: "10m"
+   # Redis secret key for access key
-   # securityContext:
+   redisSecretKey: "REDIS01_KEY"
-   #   runAsUser: 500
-   #   runAsGroup: 500
-# *  Configuration for the Configuration Server Proxy container
+# * Image
-csproxy:
+# container image common settings
-   # define domain for the configuration host
+image:
-  params:
+   tag: "<image-version>"
-    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+   pullPolicy: IfNotPresent
-   resources:
+  registry: "<docker-registry>"
-    # minimum resource requirements to start container
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
-    requests:
-      # minimal amount of memory required to start a container
-      memory: "200Mi"
-      # minimal CPU to reserve
-      cpu: "50m"
-    # resource limits for containers
-    limits:
-      # maximum amount of memory a container can use before being evicted
-      # by the OOM Killer
-      memory: "2Gi"
-      # maximum amount of CPU resources that can be used and should be tuned to reflect
-      # what the application can effectively use before needing to be horizontally scaled out
-      cpu: "1000m"
-  # securityContext:
-  #   runAsUser: 500
-  #   runAsGroup: 500</source>
-*Update values in the <tt>values-override-lds.yaml</tt> file (OpenShift):
-*:<source lang="bash">
-# Default values for lds.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-replicaCount: 2
+## Service account settings
+serviceAccount:
-# * Tenant info
+  # Specifies whether a service account should be created
-# tenant identification, or empty for shared deployment
+  create: false
-tenant:
+   # Annotations to add to the service account
-   # Tenant UUID
+   annotations: {}
-   id: "<tenant-uuid>"
+  # The name of the service account to use.
-   # Tenant SID (like 0001)
+   # If not set and create is true, a name is generated using the fullname template
-   sid: "<tenant-sid>"
+   name: ""
-# * Common log configuration
+## Add annotations to all pods
-log:
+##
-  # target directory where log will be stored, leave empty for default
+podAnnotations: {}
-  logDir: ""
-  # path where volume will be mounted
-  volumeMountPath: /data/log
-  # log volume type: none | hostpath | pvc
-  volumeType: pvc
-  # log volume hostpath, used with volumeType "hostpath"
-  volumeHostPath: /mnt/log
-  # log PVC parameters, used with volumeType "pvc"
-  pvc:
-    name: pulse-lds-logs
-    accessModes:
-      - ReadWriteMany
-    capacity: 10Gi
-    class: <pv-storage-class-rw-many>
-# * Container image common settings
-image:
-  tag: "<image-version>"
-  pullPolicy: IfNotPresent
-  registry: "<docker-registry>"
-  imagePullSecrets: [name: "<docker-registry-secret-name>"]
-## Service account settings
-serviceAccount:
-  # Specifies whether a service account should be created
-  create: false
-  # Annotations to add to the service account
-  annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
-  name: ""
-## Add annotations to all pods
-##
-podAnnotations: {}
 ## Specifies the security context for all Pods in the service
@@ Line 1,202: / Line 1,154: @@
    enabled: false
    # enable golden signals metrics (not supported for PE)
+  # not needed since 100.0.000.0015
    goldenSignals:
      enabled: false
@@ Line 1,211: / Line 1,164: @@
    # you can reference values of other variables as {{.Values.variable.full.name}}
    podAnnotations: {}
+  # additional annotations required for monitoring Service
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  # available since 100.0.000.0015
+  serviceAnnotations: {}
      # prometheus.io/scrape: "true"
      # prometheus.io/port: "{{.Values.monitoring.port}}"
@@ Line 1,233: / Line 1,190: @@
      additionalLabels: {}
-# * Configuration for the LDS container
+##########################################################################
-lds:
+# * Configuration for the Collector container
+collector:
    # resource limits for container
    resources:
@@ Line 1,240: / Line 1,199: @@
      requests:
        # minimal amount of memory required to start a container
-       memory: "50Mi"
+       memory: "300Mi"
        # minimal CPU to reserve
-       cpu: "50m"
+       cpu: "200m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "8000m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+# * Configuration for the StatServer container
+statserver:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "300Mi"
+      # minimal CPU to reserve
+      cpu: "100m"
      # resource limits for containers
      limits:
@@ Line 1,259: / Line 1,240: @@
    # resource limits for container
    resources:
+    # disabled: true
      # minimum resource requirements to start container
      requests:
@@ Line 1,277: / Line 1,259: @@
    #   runAsGroup: 500
-# *  Configuration for the Configuration Server Proxy container
+##########################################################################
+# * Configuration for the Configuration Server Proxy container
 csproxy:
+  # resource limits for container
    resources:
      # minimum resource requirements to start container
@@ Line 1,296: / Line 1,281: @@
    # securityContext:
    #   runAsUser: 500
-   #   runAsGroup: 500</source>
+   #   runAsGroup: 500
+# volumeClaims contains persistent volume claims for services
+# All available storage classes can be found here:
+# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf
+volumeClaims:
+  # statserverBackup is storage for statserver backup data
+  statserverBackup:
+    name: statserver-backup
+    accessModes:
+      - ReadWriteOnce
+    # capacity is storage capacity
+    capacity: "1Gi"
+    # class is storage class. Must be set explicitly.
+    class: <pv-storage-class-rw-once></source>
+'''Install the <tt>dcu</tt> helm chart'''<br />To install the <tt>dcu</tt> helm chart, run the following command:
+<source lang="bash">helm upgrade --install "pulse-dcu-<tenant-sid>"  pulsehelmrepo/dcu --wait --reuse-values --version=<chart-version> --namespace=pulse -f values-override-dcu.yaml
+</source>
-'''Update values in the <tt>values-override-lds-vq.yaml</tt> file:'''
+'''Validate the <tt>dcu</tt> helm chart'''<br />To validate the <tt>dcu</tt> helm chart, run the following command:
-<source lang="bash"># Default values for lds.
+<source lang="bash">kubectl get pods -n=pulse -l "app.kubernetes.io/name=dcu,app.kubernetes.io/instance=pulse-dcu-<tenant-sid>"
+</source>
+Check the output to ensure that all <tt>pulse-dcu</tt> pods are running, for example:
+<source lang="bash">
+NAME              READY   STATUS    RESTARTS   AGE
+pulse-dcu-100-0   3/3     Running   0          5m23s
+pulse-dcu-100-1   3/3     Running   0          4m47s
+</source>
+===Install lds helm chart===
+'''Get the <tt>lds</tt> helm chart:'''
+<source lang="bash">helm repo update
+helm search repo  <pulsehelmrepo>/lds</source>
+'''Prepare the override file:'''
+*Update values in the <tt>values-override-lds.yaml</tt> file (AKS):
+*:<source lang="bash"># Default values for lds.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
-lds:
+replicaCount: 2
-   params:
-     cfgApp: "pulse-lds-vq-$((K8S_POD_INDEX % 2))"
+# * Tenant info
+# tenant identification, or empty for shared deployment
-log:
+tenant:
-   pvc:
+  # Tenant UUID
-     name: pulse-lds-vq-logs
+  id: "<tenant-uuid>"
-</source>
+  # Tenant SID (like 0001)
+  sid: "<tenant-sid>"
-'''Install the <tt>lds</tt> helm chart''':<br />To install the <tt>lds</tt> helm chart, run the following command:
-<source lang="bash">
+# * Common log configuration
-helm upgrade --install "pulse-lds-<tenant-sid>"    pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml
+log:
-helm upgrade --install "pulse-lds-vq-<tenant-sid>" pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml -f values-override-lds-vq.yaml
+  # target directory where log will be stored, leave empty for default
-</source>
+  logDir: ""
-If the installation is successful, the exit code <tt>0</tt> appears.
+  # path where volume will be mounted
+  volumeMountPath: /data/log
-'''Validate the <tt>lds</tt> helm chart''':<br />To validate the <tt>lds</tt> helm chart, run the following command:
+  # log volume type: none | hostpath | pvc
-<source lang="bash">kubectl get pods -n=pulse -l "app.kubernetes.io/name=lds,app.kubernetes.io/instance=pulse-lds-<tenant-sid>"
+  volumeType: pvc
+  # log volume hostpath, used with volumeType "hostpath"
+  volumeHostPath: /mnt/log
+  # log PVC parameters, used with volumeType "pvc"
+  pvc:
+    name: pulse-lds-logs
+    accessModes:
+      - ReadWriteMany
+    capacity: 10Gi
+    class: <pv-storage-class-rw-many>
+# * Container image common settings
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
+## Service account settings
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+## Add annotations to all pods
+##
+podAnnotations: {}
+## Specifies the security context for all Pods in the service
+##
+podSecurityContext: {}
+## Add labels to all pods
+##
+podLabels: {}
+## HPA Settings
+## Not supported in this release!
+hpa:
+  enabled: false
+## Priority Class
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+##
+priorityClassName: ""
+## Node labels for assignment.
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## Tolerations for assignment.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+## Pod Disruption Budget Settings
+podDisruptionBudget:
+  enabled: false
+## Affinity for assignment.
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+# * Monitoring settings
+monitoring:
+  # enable the Prometheus metrics endpoint
+  enabled: false
+  # enable golden signals metrics (not supported for PE)
+  goldenSignals:
+    enabled: false
+  # port number of the Prometheus metrics endpoint
+  port: 9091
+  # HTTP path to scrape for metrics
+  path: /metrics
+  # additional annotations required for monitoring PODs
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  podAnnotations: {}
+    # prometheus.io/scrape: "true"
+    # prometheus.io/port: "{{.Values.monitoring.port}}"
+    # prometheus.io/path: "/metrics"
+  podMonitor:
+    # enables PodMonitor creation for the POD
+    enabled: true
+    # interval at which metrics should be scraped
+    scrapeInterval: 30s
+    # timeout after which the scrape is ended
+    scrapeTimeout:
+    # namespace of the PodMonitor, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+  alerts:
+    # enables alert rules
+    enabled: true
+    # alert condition duration
+    duration: 5m
+    # namespace of the alert rules, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+# * Configuration for the LDS container
+lds:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "50Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "4000m"
+  # securityContext: {}
+# * Configuration for the monitor sidecar container
+monitorSidecar:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "30Mi"
+      # minimal CPU to reserve
+      cpu: "2m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "70Mi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "10m"
+  # securityContext: {}
+# *  Configuration for the Configuration Server Proxy container
+csproxy:
+  # define domain for the configuration host
+  params:
+    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "200Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "2Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "1000m"
+  # securityContext: {}
+</source>
+*Update values in the <tt>values-override-lds.yaml</tt> file (GKE):
+*:<source lang="bash"># Default values for lds.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+replicaCount: 2
+# * Tenant info
+# tenant identification, or empty for shared deployment
+tenant:
+  # Tenant UUID
+  id: "<tenant-uuid>"
+  # Tenant SID (like 0001)
+  sid: "<tenant-sid>"
+# * Common log configuration
+log:
+  # target directory where log will be stored, leave empty for default
+  logDir: ""
+  # path where volume will be mounted
+  volumeMountPath: /data/log
+  # log volume type: none | hostpath | pvc
+  volumeType: pvc
+  # log volume hostpath, used with volumeType "hostpath"
+  volumeHostPath: /mnt/log
+  # log PVC parameters, used with volumeType "pvc"
+  pvc:
+    name: pulse-lds-logs
+    accessModes:
+      - ReadWriteMany
+    capacity: 10Gi
+    class: <pv-storage-class-rw-many>
+# * Container image common settings
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
+## Service account settings
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+## Add annotations to all pods
+##
+podAnnotations: {}
+## Specifies the security context for all Pods in the service
+##
+podSecurityContext:
+  runAsNonRoot: true
+  runAsUser: 500
+  runAsGroup: 500
+  fsGroup: 0
+## Add labels to all pods
+##
+podLabels: {}
+## HPA Settings
+## Not supported in this release!
+hpa:
+  enabled: false
+## Priority Class
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+##
+priorityClassName: ""
+## Node labels for assignment.
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## Tolerations for assignment.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+## Pod Disruption Budget Settings
+podDisruptionBudget:
+  enabled: false
+## Affinity for assignment.
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+# * Monitoring settings
+monitoring:
+  # enable the Prometheus metrics endpoint
+  enabled: false
+  # enable golden signals metrics (not supported for PE)
+  goldenSignals:
+    enabled: false
+  # port number of the Prometheus metrics endpoint
+  port: 9091
+  # HTTP path to scrape for metrics
+  path: /metrics
+  # additional annotations required for monitoring PODs
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  podAnnotations: {}
+    # prometheus.io/scrape: "true"
+    # prometheus.io/port: "{{.Values.monitoring.port}}"
+    # prometheus.io/path: "/metrics"
+  podMonitor:
+    # enables PodMonitor creation for the POD
+    enabled: true
+    # interval at which metrics should be scraped
+    scrapeInterval: 30s
+    # timeout after which the scrape is ended
+    scrapeTimeout:
+    # namespace of the PodMonitor, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+  alerts:
+    # enables alert rules
+    enabled: true
+    # alert condition duration
+    duration: 5m
+    # namespace of the alert rules, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+# * Configuration for the LDS container
+lds:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "50Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "4000m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+# * Configuration for the monitor sidecar container
+monitorSidecar:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "30Mi"
+      # minimal CPU to reserve
+      cpu: "2m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "70Mi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "10m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+# *  Configuration for the Configuration Server Proxy container
+csproxy:
+  # define domain for the configuration host
+  params:
+    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "200Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "2Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "1000m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500</source>
+*Update values in the <tt>values-override-lds.yaml</tt> file (OpenShift):
+*:<source lang="bash">
+# Default values for lds.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+replicaCount: 2
+# * Tenant info
+# tenant identification, or empty for shared deployment
+tenant:
+  # Tenant UUID
+  id: "<tenant-uuid>"
+  # Tenant SID (like 0001)
+  sid: "<tenant-sid>"
+# * Common log configuration
+log:
+  # target directory where log will be stored, leave empty for default
+  logDir: ""
+  # path where volume will be mounted
+  volumeMountPath: /data/log
+  # log volume type: none | hostpath | pvc
+  volumeType: pvc
+  # log volume hostpath, used with volumeType "hostpath"
+  volumeHostPath: /mnt/log
+  # log PVC parameters, used with volumeType "pvc"
+  pvc:
+    name: pulse-lds-logs
+    accessModes:
+      - ReadWriteMany
+    capacity: 10Gi
+    class: <pv-storage-class-rw-many>
+# * Container image common settings
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
+## Service account settings
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+## Add annotations to all pods
+##
+podAnnotations: {}
+## Specifies the security context for all Pods in the service
+##
+podSecurityContext:
+  runAsNonRoot: true
+  runAsUser: 500
+  runAsGroup: 500
+  fsGroup: 0
+## Add labels to all pods
+##
+podLabels: {}
+## HPA Settings
+## Not supported in this release!
+hpa:
+  enabled: false
+## Priority Class
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+##
+priorityClassName: ""
+## Node labels for assignment.
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## Tolerations for assignment.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+## Pod Disruption Budget Settings
+podDisruptionBudget:
+  enabled: false
+## Affinity for assignment.
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+# * Monitoring settings
+monitoring:
+  # enable the Prometheus metrics endpoint
+  enabled: false
+  # enable golden signals metrics (not supported for PE)
+  # not needed since 100.0.000.0015
+  goldenSignals:
+    enabled: false
+  # port number of the Prometheus metrics endpoint
+  port: 9091
+  # HTTP path to scrape for metrics
+  path: /metrics
+  # additional annotations required for monitoring PODs
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  podAnnotations: {}
+  # additional annotations required for monitoring Service
+  # you can reference values of other variables as {{.Values.variable.full.name}}
+  # available since 100.0.000.0015
+  serviceAnnotations: {}
+    # prometheus.io/scrape: "true"
+    # prometheus.io/port: "{{.Values.monitoring.port}}"
+    # prometheus.io/path: "/metrics"
+  podMonitor:
+    # enables PodMonitor creation for the POD
+    enabled: true
+    # interval at which metrics should be scraped
+    scrapeInterval: 30s
+    # timeout after which the scrape is ended
+    scrapeTimeout:
+    # namespace of the PodMonitor, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+  alerts:
+    # enables alert rules
+    enabled: true
+    # alert condition duration
+    duration: 5m
+    # namespace of the alert rules, defaults to the namespace of the POD
+    namespace:
+    additionalLabels: {}
+# * Configuration for the LDS container
+lds:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "50Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "4Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "4000m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+# * Configuration for the monitor sidecar container
+monitorSidecar:
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "30Mi"
+      # minimal CPU to reserve
+      cpu: "2m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "70Mi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "10m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+# *  Configuration for the Configuration Server Proxy container
+csproxy:
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "200Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "2Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "1000m"
+  # securityContext:
+  #   runAsUser: 500
+  #   runAsGroup: 500
+</source>
+'''Update values in the <tt>values-override-lds-vq.yaml</tt> file:'''
+<source lang="bash"># Default values for lds.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+lds:
+   params:
+     cfgApp: "pulse-lds-vq-$((K8S_POD_INDEX % 2))"
+log:
+   pvc:
+     name: pulse-lds-vq-logs
+</source>
+'''Install the <tt>lds</tt> helm chart''':<br />To install the <tt>lds</tt> helm chart, run the following command:
+<source lang="bash">
+helm upgrade --install "pulse-lds-<tenant-sid>"    pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml
+helm upgrade --install "pulse-lds-vq-<tenant-sid>" pulsehelmrepo/lds --wait --version=<chart-version> --namespace=pulse -f values-override-lds.yaml -f values-override-lds-vq.yaml
+</source>
+If the installation is successful, the exit code <tt>0</tt> appears.
+'''Validate the <tt>lds</tt> helm chart''':<br />To validate the <tt>lds</tt> helm chart, run the following command:
+<source lang="bash">kubectl get pods -n=pulse -l "app.kubernetes.io/name=lds,app.kubernetes.io/instance=pulse-lds-<tenant-sid>"
+</source>
+Verify that the command reports all pulse-lds-vq pods as Running, for example:
+<source lang="bash">
+NAME              READY   STATUS    RESTARTS   AGE
+pulse-lds-100-0   3/3     Running   0          2d20h
+pulse-lds-100-1   3/3     Running   0          2d20h </source>
+===Install permissions helm chart===
+'''Get the <tt>permissions</tt> helm chart'''
+<source lang="bash">helm repo update
+helm search repo <pulsehelmrepo>/permissions</source>
+'''Prepare the override file:'''
+*Update values in the <tt>values-override-permissions.yaml</tt> file (AKS):
+*:<source lang="bash"># Default values for permissions.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+# * Image configuration
+image:
+  tag: "<image-version>"
+  pullPolicy: IfNotPresent
+  registry: "<docker-registry>"
+  imagePullSecrets: [name: "<docker-registry-secret-name>"]
+# * Tenant info
+# tenant identification, or empty for shared deployment
+tenant:
+  # Tenant UUID
+  id: "<tenant-uuid>"
+  # Tenant SID (like 0001)
+  sid: "<tenant-sid>"
+# common configuration.
+config:
+  dbName: "<db-name>"
+  # set "true" when need @host added for username
+  dbUserWithHost: true
+  # set "true" for CSI secrets
+  mountSecrets: false
+  # Postgres config map name
+  postgresConfig: "pulse-postgres-configmap"
+  # Postgres secret name
+  postgresSecret: "pulse-postgres-secret"
+  # Postgres secret key for user
+  postgresSecretUser: "META_DB_ADMIN"
+  # Postgres secret key for password
+  postgresSecretPassword: "META_DB_ADMINPWD"
+  # Redis config map name
+  redisConfig: "pulse-redis-configmap"
+  # Redis secret name
+  redisSecret: "pulse-redis-secret"
+  # Redis secret key for access key
+  redisSecretKey: "REDIS01_KEY"
+# * Configuration for the Configuration Server Proxy container
+csproxy:
+  # define domain for the configuration host
+  params:
+    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"
+  # resource limits for container
+  resources:
+    # minimum resource requirements to start container
+    requests:
+      # minimal amount of memory required to start a container
+      memory: "200Mi"
+      # minimal CPU to reserve
+      cpu: "50m"
+    # resource limits for containers
+    limits:
+      # maximum amount of memory a container can use before being evicted
+      # by the OOM Killer
+      memory: "2Gi"
+      # maximum amount of CPU resources that can be used and should be tuned to reflect
+      # what the application can effectively use before needing to be horizontally scaled out
+      cpu: "1000m"
+  # securityContext: {}
+# * Common log configuration
+log:
+  # target directory where log will be stored, leave empty for default
+  logDir: ""
+  # path where volume will be mounted
+  volumeMountPath: /data/log
+  # log volume type: none | hostpath | pvc
+  volumeType: pvc
+  # log volume hostpath, used with volumeType "hostpath"
+  volumeHostPath: /mnt/log
+  # log PVC parameters, used with volumeType "pvc"
+  pvc:
+    name: pulse-permissions-logs
+    accessModes:
+      - ReadWriteMany
+    capacity: 10Gi
+    class: <pv-storage-class-rw-many>
+## Specifies the security context for all Pods in the service
+##
+podSecurityContext: {}
+## Resource requests and limits
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+##
+resources:
+  limits:
+    memory: "1Gi"
+    cpu: "500m"
+  requests:
+    memory: "400Mi"
+    cpu: "50m"
+## HPA Settings
+## Not supported in this release!
+hpa:
+  enabled: false
+## Priority Class
+## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
+##
+priorityClassName: ""
+## Node labels for assignment.
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## Tolerations for assignment.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+## Pod Disruption Budget Settings
+podDisruptionBudget:
+  enabled: false
+## Affinity for assignment.
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
 </source>
-Verify that the command reports all pulse-lds-vq pods as Running, for example:
-<source lang="bash">
-NAME              READY   STATUS    RESTARTS   AGE
-pulse-lds-100-0   3/3     Running   0          2d20h
-pulse-lds-100-1   3/3     Running   0          2d20h </source>
-===Install permissions helm chart===
-'''Get the <tt>permissions</tt> helm chart'''
-<source lang="bash">helm repo update
-helm search repo <pulsehelmrepo>/permissions</source>
-'''Prepare the override file:'''
 *Update values in the <tt>values-override-permissions.yaml</tt> file (GKE):
@@ Line 1,617: / Line 2,358: @@
 |sectionHeading=Troubleshooting
 |alignment=Vertical
-|structuredtext='''Check init-tenant helm chart manifests:'''<br />To output manifest into the '''helm-template''' directory, run the following command:
+|structuredtext='''Check init-tenant helm chart manifests:'''<br />To output the manifest into the '''helm-template''' directory, run the following command:
 <source lang="bash">helm template --version=<chart-version> --namespace=pulse --debug --output-dir helm-template pulse-init-tenant-<tenant-sid> pulsehelmrepo/init-tenant -f values-override-init-tenant.yaml
 </source>