Difference between revisions of "AUTH/Current/AuthPEGuide/Deploy"
From Genesys Documentation
(Published) |
(Published) |
||
| Line 12: | Line 12: | ||
|anchor=Prepare | |anchor=Prepare | ||
|alignment=Vertical | |alignment=Vertical | ||
| − | |structuredtext=To prepare your environment for the deployment, | + | |structuredtext=To prepare your environment for the deployment, complete the steps in this section for either OpenShift or Google Kubernetes Engine (GKE). |
| + | |||
| + | ===OpenShift=== | ||
| + | Log in to the OpenShift cluster from the host where you will run the deployment: | ||
| + | oc login --token <token> --server <url of api server> | ||
| + | First confirm the cluster is running: | ||
<source lang="text">oc get clusterversion</source> | <source lang="text">oc get clusterversion</source> | ||
| − | Create a new | + | Create a new project for Genesys Authentication: |
<source lang="text">oc new-project gauth</source> | <source lang="text">oc new-project gauth</source> | ||
| − | + | ===GKE=== | |
| − | + | Log in to the GKE cluster from the host where you will run the deployment: | |
| − | + | <syntaxhighlight> | |
| + | gcloud container clusters get-credentials <cluster> | ||
| + | </syntaxhighlight>Create a JSON file called '''create-gauth-namespace.json''' with the following content: <syntaxhighlight> | ||
| + | { | ||
| + | "apiVersion": "v1", | ||
| + | "kind": "Namespace", | ||
| + | "metadata": { | ||
| + | "name": "gauth", | ||
| + | "labels": { | ||
| + | "name": "gauth" | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | </syntaxhighlight>Use the JSON file to create a new namespace for Genesys Authentication:<syntaxhighlight> | ||
| + | kubectl apply -f apply create-gauth-namespace.json | ||
| + | </syntaxhighlight>Now confirm the namespace was created:<syntaxhighlight> | ||
| + | kubectl describe namespace gauth | ||
| + | </syntaxhighlight><br /> | ||
|Status=No | |Status=No | ||
}}{{Section | }}{{Section | ||
| − | |sectionHeading=Deploy | + | |sectionHeading=Deploy |
|anchor=de | |anchor=de | ||
|alignment=Vertical | |alignment=Vertical | ||
| − | |structuredtext=To deploy Genesys Authentication | + | |structuredtext=To deploy Genesys Authentication, you'll need the Helm package and your overrides file. Copy '''values.yaml''' and the Helm package ('''gauth-<version>.tgz''') to the installation location. |
| − | |||
| − | Copy ''' | ||
| − | |||
| − | |||
| − | |||
| − | + | For OpenShift, select the '''gauth''' project you created in {{Link-SomewhereInThisVersion|manual=AuthPEGuide|topic=Deploy|anchor=OpenShift|display text=Prepare your environment}}: | |
oc project gauth | oc project gauth | ||
For debugging purposes, use the following command to render templates without installing so you can check that resources are created properly: | For debugging purposes, use the following command to render templates without installing so you can check that resources are created properly: | ||
| − | helm template --debug /gauth-<version>.tgz -f values | + | helm template --debug /gauth-<version>.tgz -f values.yaml |
| − | The result shows Kubernetes descriptors. The values you see are generated from Helm templates, and based on settings from ''' | + | The result shows Kubernetes descriptors. The values you see are generated from Helm templates, and based on settings from '''values.yaml'''. Ensure that no errors are displayed; you will later apply this configuration to your Kubernetes cluster. |
Now you're ready to deploy Genesys Authentication: | Now you're ready to deploy Genesys Authentication: | ||
| − | helm install gauth ./gauth-<version>.tgz -f values-gauth. | + | helm install gauth ./gauth-<version>.tgz -f values.yaml -n gauth |
| + | |Status=No | ||
| + | }}{{Section | ||
| + | |sectionHeading=Configure external access | ||
| + | |anchor=access | ||
| + | |alignment=Vertical | ||
| + | |structuredtext=Follow the instructions for either OpenShift or GKE to make the Genesys Authentication services accessible from outside the cluster. | ||
| + | |||
| + | ===Create routes in OpenShift=== | ||
| + | After deploying, make the Genesys Authentication services accessible from outside the OpenShift cluster using the standard HTTP port. Make sure to use the same hostname for all three routes. Genesys recommends using the following hostname format: <code>gauth.<cluster-subdomain></code>. For example, the VCE cluster (<nowiki>https://console-openshift-console.apps.<yourclusterdomain>.com/</nowiki>) should have the hostname '''gauth.apps.<yourclusterdomain>.com''' | ||
| + | oc create route edge --service=<env-service> --hostname=<hostname> --path /environment | ||
| + | oc create route edge --service=<gauth-service> --hostname=<hostname> --path /auth | ||
| + | oc create route edge --service=<gauth-auth-ui-service> --hostname=<hostname> --path /ui/auth | ||
| + | Verify the new route is created in the '''gauth''' namespace: | ||
| + | oc get route -n gauth | ||
| + | The result includes the following information about the services: | ||
| + | NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD | ||
| + | env gauth.apps.<yourclusterdomain>.com /environment gauth-environment https None | ||
| + | gauth gauth.apps.<yourclusterdomain>.com /auth gauth-auth https None | ||
| + | gauth-auth-ui gauth.apps.<yourclusterdomain>.com /ui/auth gauth-auth-ui https None | ||
| + | Note: <code>HOST</code> is the host name generated by OpenShift. | ||
| − | Check the installed Helm release: | + | ===Provision ingresses for GKE=== |
| + | This step is completed as part of the private edition deployment for {{Link-AnywhereElse|product=GWS|version=Current|manual=GWSPEGuide|topic=DeployIngress|anchor=GKEingress|display text=Web Services and Applications}}. | ||
| + | |Status=No | ||
| + | }}{{Section | ||
| + | |sectionHeading=Validate the deployment | ||
| + | |alignment=Vertical | ||
| + | |structuredtext=Check the installed Helm release: | ||
helm list | helm list | ||
| − | |||
The results should show the Genesys Authentication deployment details. For example: | The results should show the Genesys Authentication deployment details. For example: | ||
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION | NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION | ||
gauth gauth 1 2021-05-20 11:56:32.5531685 +0530 +0530 deployed gauth-0.1.77 0.1 | gauth gauth 1 2021-05-20 11:56:32.5531685 +0530 +0530 deployed gauth-0.1.77 0.1 | ||
| − | |||
Check the '''gauth''' namespace status: | Check the '''gauth''' namespace status: | ||
helm status gauth | helm status gauth | ||
| − | |||
The result should show the namespace details with a status of deployed: | The result should show the namespace details with a status of deployed: | ||
NAME: gauth | NAME: gauth | ||
| Line 63: | Line 103: | ||
REVISION: 1 | REVISION: 1 | ||
TEST SUITE: None | TEST SUITE: None | ||
| − | + | Check the Genesys Authentication Kubernetes objects created by Helm: | |
| − | Check the Genesys Authentication | + | kubectl get all -n gauth |
| − | |||
| − | |||
The result should show all the created pods, service ConfigMaps, and so on. | The result should show all the created pods, service ConfigMaps, and so on. | ||
| − | + | Finally, verify that you can now access Genesys Authentication at the following URL: https://<hostname>/ui/auth/sign-in.html | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|Status=No | |Status=No | ||
}} | }} | ||
|PEPageType=45d1441f-dc69-4a17-bd47-af5d811ce167 | |PEPageType=45d1441f-dc69-4a17-bd47-af5d811ce167 | ||
}} | }} | ||
Revision as of 19:28, October 29, 2021
This topic is part of the manual Genesys Authentication Private Edition Guide for version Current of Genesys Authentication.
Contents
Learn how to deploy Genesys Authentication.
Related documentation:
RSS:
Important
Make sure to review Before you begin for the full list of prerequisites required to deploy Genesys Authentication.Prepare your environment
To prepare your environment for the deployment, complete the steps in this section for either OpenShift or Google Kubernetes Engine (GKE).
OpenShift
Log in to the OpenShift cluster from the host where you will run the deployment:
oc login --token <token> --server <url of api server>
First confirm the cluster is running:
oc get clusterversionCreate a new project for Genesys Authentication:
oc new-project gauthGKE
Log in to the GKE cluster from the host where you will run the deployment:
gcloud container clusters get-credentials <cluster>{
"apiVersion": "v1",
"kind": "Namespace",
"metadata": {
"name": "gauth",
"labels": {
"name": "gauth"
}
}
}kubectl apply -f apply create-gauth-namespace.jsonkubectl describe namespace gauthDeploy
To deploy Genesys Authentication, you'll need the Helm package and your overrides file. Copy values.yaml and the Helm package (gauth-<version>.tgz) to the installation location.
For OpenShift, select the gauth project you created in Prepare your environment:
oc project gauth
For debugging purposes, use the following command to render templates without installing so you can check that resources are created properly:
helm template --debug /gauth-<version>.tgz -f values.yaml
The result shows Kubernetes descriptors. The values you see are generated from Helm templates, and based on settings from values.yaml. Ensure that no errors are displayed; you will later apply this configuration to your Kubernetes cluster.
Now you're ready to deploy Genesys Authentication:
helm install gauth ./gauth-<version>.tgz -f values.yaml -n gauth
Configure external access
Follow the instructions for either OpenShift or GKE to make the Genesys Authentication services accessible from outside the cluster.
Create routes in OpenShift
After deploying, make the Genesys Authentication services accessible from outside the OpenShift cluster using the standard HTTP port. Make sure to use the same hostname for all three routes. Genesys recommends using the following hostname format: gauth.<cluster-subdomain>. For example, the VCE cluster (https://console-openshift-console.apps.<yourclusterdomain>.com/) should have the hostname gauth.apps.<yourclusterdomain>.com
oc create route edge --service=<env-service> --hostname=<hostname> --path /environment oc create route edge --service=<gauth-service> --hostname=<hostname> --path /auth oc create route edge --service=<gauth-auth-ui-service> --hostname=<hostname> --path /ui/auth
Verify the new route is created in the gauth namespace:
oc get route -n gauth
The result includes the following information about the services:
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD env gauth.apps.<yourclusterdomain>.com /environment gauth-environment https None gauth gauth.apps.<yourclusterdomain>.com /auth gauth-auth https None gauth-auth-ui gauth.apps.<yourclusterdomain>.com /ui/auth gauth-auth-ui https None
Note: HOST is the host name generated by OpenShift.
Provision ingresses for GKE
This step is completed as part of the private edition deployment for Web Services and Applications.
Validate the deployment
Check the installed Helm release:
helm list
The results should show the Genesys Authentication deployment details. For example:
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION gauth gauth 1 2021-05-20 11:56:32.5531685 +0530 +0530 deployed gauth-0.1.77 0.1
Check the gauth namespace status:
helm status gauth
The result should show the namespace details with a status of deployed:
NAME: gauth LAST DEPLOYED: Thu May 20 11:56:32 2021 NAMESPACE: gauth STATUS: deployed REVISION: 1 TEST SUITE: None
Check the Genesys Authentication Kubernetes objects created by Helm:
kubectl get all -n gauth
The result should show all the created pods, service ConfigMaps, and so on.
Finally, verify that you can now access Genesys Authentication at the following URL: https://<hostname>/ui/auth/sign-in.html
Comments or questions about this documentation? Contact us for support!