Difference between revisions of "TLM/Current/TLMPEGuide/Configure"

From Genesys Documentation
Jump to: navigation, search
(Published)
 
(Published)
Line 5: Line 5:
 
|ComingSoon=No
 
|ComingSoon=No
 
|Section={{Section
 
|Section={{Section
 +
|sectionHeading=Configure a secret to access JFrog
 +
|anchor=jfrog-secrets
 +
|alignment=Vertical
 +
|structuredtext=If you haven't done so already, create a secret for accessing the JFrog registry:<source lang="text">kubectl create secret docker-registry <credential-name> --docker-server=<docker repo> --docker-username=<username> --docker-password=<password> --docker-email=<emailid></source>Now map the secret to the default service account:<source lang="text">kubectl secrets link default <credential-name> --for=pull</source>
 +
|FAQHeading=How do I access a JFrog repository?
 +
|Status=No
 +
}}{{Section
 
|sectionHeading=Override Helm chart values
 
|sectionHeading=Override Helm chart values
 
|alignment=Vertical
 
|alignment=Vertical
Line 157: Line 164:
 
{{!}}Specify the mode how telemetry service should be executed: Possible values aws / azure / openshift
 
{{!}}Specify the mode how telemetry service should be executed: Possible values aws / azure / openshift
 
{{!}}``
 
{{!}}``
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_SERVICES_AUTH (mandatory)
 +
{{!}}URL of the GWS Auth public API
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_SERVICES_ES
 +
{{!}}URL of the Elastic Search endpoint.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_API_STRICT
 +
{{!}}Define if the API accepts additional properties  in payload. To disable strict mode, set it to 0.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_AUTH_CLIENT_ID
 +
{{!}}Client ID that is used to authenticate with  auth service
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_AUTH_CLIENT_SECRET
 +
{{!}}Client secret that is used to authenticate with  auth service
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_HTTPS_ENABLED
 +
{{!}}If set to true session cookie will use secure  mode. If set to false, it will use insecure cookies. If set to auto, it will  set secure flag of cookie based on x-forwarded-proto or values in  TELEMETRY_HTTPS_CUSTOM_HEADERS if set.
 +
{{!}}auto
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_HTTPS_CUSTOM_HEADERS
 +
{{!}}If set, and TELEMETRY_HTTPS_ENABLED is set to  auto mode, it will check the comma-separated list of custom headers here to  see if it's http or https to determine the secure flag of cookie.
 +
{{!}}x-forwarded-scheme
 +
{{!}}
 +
{{!}}-
 +
{{!}}DEV_MODE
 +
{{!}}Activate when set to 1. Display more relevant  information in the console. Also set the logger level to more verbose.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_BENCH_MODE
 +
{{!}}Activate when set to 1. For development  purpose. This will skip the OAuth validation and will create a session for  the user even if the exchange token is wrong.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_ES_MOCK_MODE
 +
{{!}}Activate when set to 1. For development  purposes. This will create a mock ES client, skipping the ElasticSearch API  calls.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_ES_RESOLVE_BULKS
 +
{{!}}For use in conjunction with  TELEMETRY_ES_MOCK_MODE. If set to 1, the mock ES client bulk requests will be  resolved. If set to 0, they will be rejected.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}APP_LOG_LEVEL
 +
{{!}}default: info Log level of the API
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}API_LOG_LEVEL
 +
{{!}}default: warn Log level of the framework  (similar to access logs)
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_ENCRYPTION_KEY
 +
{{!}}Encryption key for the session cookie
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CORS_HOST
 +
{{!}}Host to be supported by CORS. They can be comma-separated values.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CORS_DOMAIN
 +
{{!}}Domains to be supported by CORS. They can be comma-separated values.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_PROVIDER
 +
{{!}}The trace provider to use can be Elasticsearch or Console.
 +
{{!}}Elasticsearch
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_BULK_SIZE
 +
{{!}}The maximum number or entries in a bulk request to Elasticsearch.
 +
{{!}}10000
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_BULK_TIME
 +
{{!}}The maximum time (in minutes) between 2 bulk requests jobs to Elasticsearch.
 +
{{!}}1
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_CONCURRENT
 +
{{!}}The maximum of parallel bulk request to Elasticsearch at the same time.
 +
{{!}}3
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_THRESHOLD
 +
{{!}}The maximum buffer entries for Elasticsearch service.
 +
{{!}}400000
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_TRACES_SHIFT_THRESHOLD
 +
{{!}}The maximum number of shift before setting the Elasticsearch service as unhealthy.
 +
{{!}}50000
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_AUTH_MIN_INTERVAL
 +
{{!}}The minimum time between 2 authentications. The client will receive a HTTP 429 return code if a request comes in within this interval.
 +
{{!}}1
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_RECORD_MIN_INTERVAL
 +
{{!}}The minimum time between 2 record entries. The client will receive a HTTP 429 return code if a request comes in within this interval.
 +
{{!}}1
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_MAX_SESSION
 +
{{!}}The maximum active sessions handled by the service. Once the limit is reached, a new authentication will receive HTTP 503 code.
 +
{{!}}10000
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_SERVICE
 +
{{!}}Data source to fetch configurations. Possible  values : s3 &#124; premisefs &#124; env.
 +
{{!}}none
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_PATH
 +
{{!}}The internal path to the config folder in config provider
 +
{{!}}none
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_TIMER
 +
{{!}}The time period between each configuration fetch in minutes.
 +
{{!}}15
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_PREMISE_PATH
 +
{{!}}The filesystem path for config folder. This can  be combined with TELEMETRY_CONFIG_PATH.
 +
{{!}}none
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_BUCKET
 +
{{!}}Specify the S3 bucket to load service configurations
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_EVENT_MONITOR_TIME
 +
{{!}}The maximum time (in minutes) between 2 Event  Monitor report parsing.
 +
{{!}}10
 +
{{!}}
 +
{{!}}-
 +
{{!}}ENVIRONMENT_TYPE
 +
{{!}}The environment type. It can be dev, staging,  stage or prod.
 +
{{!}}staging
 +
{{!}}
 +
{{!}}-
 +
{{!}}AWS_REGION
 +
{{!}}AWS region for the stack.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}AZURE_REGION
 +
{{!}}Azure region for the stack.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CLOUD_PROVIDER
 +
{{!}}The Cloud provider for the service. IT can be  aws, azure, gcp or premise.
 +
{{!}}aws
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_SESSION_TIME
 +
{{!}}The time of a telemetry session in minutes.
 +
{{!}}4
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_AZURE_CONNECTION_STRING
 +
{{!}}The Connection string to connect to Azure blob  storage.
 +
{{!}}none
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_CONTRACTS
 +
{{!}}A Stringified JSON array to provision contracts  through env config provider.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_CORS
 +
{{!}}A Stringified JSON to provision cors through  env config provider.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_AUTH
 +
{{!}}A Stringified JSON to provision auth through  env config provider.
 +
{{!}}
 +
{{!}}
 +
{{!}}-
 +
{{!}}TELEMETRY_CONFIG_TENANTS
 +
{{!}}A Stringified JSON to provision tenants through  env config provider.
 
{{!}}
 
{{!}}
 
{{!}}-
 
{{!}}-
Line 194: Line 405:
 
<br />
 
<br />
 
|Status=Yes
 
|Status=Yes
 +
}}{{Section
 +
|sectionHeading=Prepare an environment
 +
|anchor=env-prep
 +
|alignment=Vertical
 +
|structuredtext=Create a new project namespace for Telemetry:
 +
<source lang="text">kubectl create namespace tlm</source>
 +
See {{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|topic=ConfigNamespace|display text=Creating namespaces}} for a list of approved namespaces.
 +
 +
Download the telemetry helm charts from the JFrog repository:
 +
<source lang="text">https://pureengage.jfrog.io/artifactory/helm-staging/tlm</source>
 +
Create a '''values-telemetry.yaml''' file and update the following parameters:
 +
<source lang="yaml">
 +
TELEMETRY_AUTH_CLIENT_SECRET: <CLIENT_SECRET GENEREATED FROM GAUTH>
 +
TELEMETRY_AUTH_CLIENT_ID: <CLIENT_ID GENEREATED FROM GAUTH>
 +
TELEMETRY_SERVICES_AUTH: "<GAUTH URL>"
 +
TELEMETRY_CLOUD_PROVIDER: "GKE"
 +
TELEMETRY_CORS_DOMAIN: "<domain for which cors has been enabled>"
 +
grafanaDashboard:
 +
  enabled: true
 +
</source>
 +
Copy the '''values-telemetry.yaml''' file and the '''tlm''' Helm package to the installation location.<br />
 +
|Status=No
 
}}
 
}}
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
 
|PEPageType=9c3ae89b-4f75-495b-85f8-d8c4afcb3f97
 
}}
 
}}
 
}}
 
}}

Revision as of 17:20, December 22, 2021

This topic is part of the manual Telemetry Service Private Edition Guide for version Current of Telemetry Service.

Learn how to configure Telemetry Service.

Configure a secret to access JFrog

If you haven't done so already, create a secret for accessing the JFrog registry:
kubectl create secret docker-registry <credential-name> --docker-server=<docker repo> --docker-username=<username> --docker-password=<password> --docker-email=<emailid>
Now map the secret to the default service account:
kubectl secrets link default <credential-name> --for=pull

Override Helm chart values

Parameter Description Default Valid values
tlm.replicaCount Number of replicas 2
tlm.image.registry docker registry pureengage-docker-staging.jfrog.io
tlm.image.repository docker repository telemetry
tlm.image.tag WWE image version ``
tlm.image.pullPolicy Image pull policy IfNotPresent
tlm.image.imagePullSecrets Image pull secrets []
tlm.service.type k8s service type ClusterIP
tlm.service.port_external k8s service port external (for customer facing) 8107
tlm.service.port_internal k8s service port internal (for metric scrapping endpoint) 9107
tlm.ingress Ingress configuration block. See #Ingress {enabled:false}
tlm.resources.limits.cpu Maximum amount of CPU K8s allocates for container 750m
tlm.resources.limits.memory Maximum amount of Memory K8s allocates for container 1400Mi
tlm.resources.requests.cpu Guaranteed CPU allocation for container 750m
tlm.resources.requests.memory Guaranteed Memory allocation for container 1400Mi
tlm.deployment.strategy k8s deployment strategy {}
tlm.priorityClassName k8s priority classname genesysengage-high-priority
tlm.affinity pod affinity {}
tlm.nodeselector k8s nodeselector map { genesysengage.com/nodepool: general }
tlm.tolerations pod toleration []
tlm.annotations pod annotations []
tlm.autoscaling.enabled activate auto scaling true
tlm.autoscaling.targetCPUPercent CPU percentage autoscaling trigger 40
tlm.autoscaling.minReplicas Minimum number of replicas 2
tlm.autoscaling.maxReplicas Maximum number of replicas 10
tlm.secrets.name_override Name override of the secret to target ``
tlm.secrets.TELEMETRY_AUTH_CLIENT_SECRET GAuth client Secret value ``
tlm.context.envs.* Environment variables for Telemetry Service. Please refer to TLM service documentation ``
tlm.context.envs.TELEMETRY_AUTH_CLIENT_ID GAuth client ID value telemetry_client
tlm.context.envs.TELEMETRY_CLOUD_PROVIDER Specify the mode how telemetry service should be executed: Possible values aws / azure / openshift ``
TELEMETRY_SERVICES_AUTH (mandatory) URL of the GWS Auth public API
TELEMETRY_SERVICES_ES URL of the Elastic Search endpoint.
TELEMETRY_API_STRICT Define if the API accepts additional properties in payload. To disable strict mode, set it to 0.
TELEMETRY_AUTH_CLIENT_ID Client ID that is used to authenticate with auth service
TELEMETRY_AUTH_CLIENT_SECRET Client secret that is used to authenticate with auth service
TELEMETRY_HTTPS_ENABLED If set to true session cookie will use secure mode. If set to false, it will use insecure cookies. If set to auto, it will set secure flag of cookie based on x-forwarded-proto or values in TELEMETRY_HTTPS_CUSTOM_HEADERS if set. auto
TELEMETRY_HTTPS_CUSTOM_HEADERS If set, and TELEMETRY_HTTPS_ENABLED is set to auto mode, it will check the comma-separated list of custom headers here to see if it's http or https to determine the secure flag of cookie. x-forwarded-scheme
DEV_MODE Activate when set to 1. Display more relevant information in the console. Also set the logger level to more verbose.
TELEMETRY_BENCH_MODE Activate when set to 1. For development purpose. This will skip the OAuth validation and will create a session for the user even if the exchange token is wrong.
TELEMETRY_ES_MOCK_MODE Activate when set to 1. For development purposes. This will create a mock ES client, skipping the ElasticSearch API calls.
TELEMETRY_ES_RESOLVE_BULKS For use in conjunction with TELEMETRY_ES_MOCK_MODE. If set to 1, the mock ES client bulk requests will be resolved. If set to 0, they will be rejected.
APP_LOG_LEVEL default: info Log level of the API
API_LOG_LEVEL default: warn Log level of the framework (similar to access logs)
TELEMETRY_ENCRYPTION_KEY Encryption key for the session cookie
TELEMETRY_CORS_HOST Host to be supported by CORS. They can be comma-separated values.
TELEMETRY_CORS_DOMAIN Domains to be supported by CORS. They can be comma-separated values.
TELEMETRY_TRACES_PROVIDER The trace provider to use can be Elasticsearch or Console. Elasticsearch
TELEMETRY_TRACES_BULK_SIZE The maximum number or entries in a bulk request to Elasticsearch. 10000
TELEMETRY_TRACES_BULK_TIME The maximum time (in minutes) between 2 bulk requests jobs to Elasticsearch. 1
TELEMETRY_TRACES_CONCURRENT The maximum of parallel bulk request to Elasticsearch at the same time. 3
TELEMETRY_TRACES_THRESHOLD The maximum buffer entries for Elasticsearch service. 400000
TELEMETRY_TRACES_SHIFT_THRESHOLD The maximum number of shift before setting the Elasticsearch service as unhealthy. 50000
TELEMETRY_AUTH_MIN_INTERVAL The minimum time between 2 authentications. The client will receive a HTTP 429 return code if a request comes in within this interval. 1
TELEMETRY_RECORD_MIN_INTERVAL The minimum time between 2 record entries. The client will receive a HTTP 429 return code if a request comes in within this interval. 1
TELEMETRY_MAX_SESSION The maximum active sessions handled by the service. Once the limit is reached, a new authentication will receive HTTP 503 code. 10000
TELEMETRY_CONFIG_SERVICE Data source to fetch configurations. Possible values : s3 | premisefs | env. none
TELEMETRY_CONFIG_PATH The internal path to the config folder in config provider none
TELEMETRY_CONFIG_TIMER The time period between each configuration fetch in minutes. 15
TELEMETRY_CONFIG_PREMISE_PATH The filesystem path for config folder. This can be combined with TELEMETRY_CONFIG_PATH. none
TELEMETRY_CONFIG_BUCKET Specify the S3 bucket to load service configurations
TELEMETRY_EVENT_MONITOR_TIME The maximum time (in minutes) between 2 Event Monitor report parsing. 10
ENVIRONMENT_TYPE The environment type. It can be dev, staging, stage or prod. staging
AWS_REGION AWS region for the stack.
AZURE_REGION Azure region for the stack.
TELEMETRY_CLOUD_PROVIDER The Cloud provider for the service. IT can be aws, azure, gcp or premise. aws
TELEMETRY_SESSION_TIME The time of a telemetry session in minutes. 4
TELEMETRY_AZURE_CONNECTION_STRING The Connection string to connect to Azure blob storage. none
TELEMETRY_CONFIG_CONTRACTS A Stringified JSON array to provision contracts through env config provider.
TELEMETRY_CONFIG_CORS A Stringified JSON to provision cors through env config provider.
TELEMETRY_CONFIG_AUTH A Stringified JSON to provision auth through env config provider.
TELEMETRY_CONFIG_TENANTS A Stringified JSON to provision tenants through env config provider.
serviceMonitor.enabled Activation of service monitor true
podDisruptionBudget.enabled Activation of pod disruption true


You can modify the configuration to suit your environment by two methods:

  • Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,
    helm install telemetry-service.tgz --set tlm.replicaCount 4
  • Specify the parameters to be modified in a values.yaml file.
    helm install --name tlm -f values.yaml telemetry-service.tgz

Configure Kubernetes

Document the layouts for the following so customers can create them if their Helm chart doesn't include a way to do this:
  • ConfigMaps
  • Secrets
NA

Configure security

List security-related settings, such as how to set up credentials and certificates for third-party services.
NA


Prepare an environment

Create a new project namespace for Telemetry:

kubectl create namespace tlm

See Creating namespaces for a list of approved namespaces.

Download the telemetry helm charts from the JFrog repository:

https://pureengage.jfrog.io/artifactory/helm-staging/tlm

Create a values-telemetry.yaml file and update the following parameters:

TELEMETRY_AUTH_CLIENT_SECRET: <CLIENT_SECRET GENEREATED FROM GAUTH>
TELEMETRY_AUTH_CLIENT_ID: <CLIENT_ID GENEREATED FROM GAUTH>
TELEMETRY_SERVICES_AUTH: "<GAUTH URL>"
TELEMETRY_CLOUD_PROVIDER: "GKE"
TELEMETRY_CORS_DOMAIN: "<domain for which cors has been enabled>"
grafanaDashboard:
  enabled: true

Copy the values-telemetry.yaml file and the tlm Helm package to the installation location.

}}

Retrieved from "https://all.docs.genesys.com/TLM/Current/TLMPEGuide/Configure (2024-11-09 13:26:12)"
Comments or questions about this documentation? Contact us for support!