Difference between revisions of "PEC-REP/Current/GIMPEGuide/ConfigureGSP"
Line 5: | Line 5: | ||
|ComingSoon=No | |ComingSoon=No | ||
|Section={{Section | |Section={{Section | ||
− | |sectionHeading= | + | |sectionHeading=Override Helm chart values |
− | |anchor= | + | |anchor=OverrideValues |
|alignment=Vertical | |alignment=Vertical | ||
− | |structuredtext= | + | |structuredtext=Download the GSP Helm charts from JFrog using your credentials. You must override certain parameters in the GSP '''values.yaml''' file to provide deployment-specific values for certain parameters. |
− | + | For general information about overriding Helm chart values, see {{SuiteLevelLink|helmoverride}} in the ''{{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|display text=Genesys Multicloud CX Private Edition Guide}}''. | |
− | + | If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the GSP '''values.yaml''' file, so that no user or group IDs are specified. For details, see [[{{FULLPAGENAME}}#Security|Configure security]], below. | |
− | At minimum, you must | + | To enable S3-compatible storage to store data that GSP requires during processing, see [[{{FULLPAGENAME}}#Storage|Configure S3-compatible storage]], below. |
+ | |||
+ | You can also specify values in the '''values.yaml''' file to override the default values of configuration options that control GSP behavior and to customize user data and Outbound field mappings. <!--{{Editgrn_open}}<font color=red>'''Writer's note:''' Uncomment the link after the referenced section is published.</font> For more information, see [[{{FULLPAGENAME}}#Options|Configure GSP behavior]].{{Editgrn_close}}--> | ||
+ | |||
+ | At a minimum, you must override the following key entries in the GSP '''values.yaml''' file: | ||
+ | |||
+ | *<tt>image:</tt> | ||
+ | *:<tt>registry</tt> — ''the registry from which Kubernetes will pull images (''<tt>pureengage-docker-staging.jfrog.io</tt> ''by default)'' | ||
+ | *:<tt>tag</tt> — ''the container image version'' | ||
+ | *<tt>imagePullSecrets:</tt> | ||
+ | *:<tt>pureengage-docker-dev</tt> or <tt>pureengage-docker-staging</tt> — ''the secret from which Kubernetes will get credentials to pull the image from the registry''<!--{{Editgrn_open}}<font color=red>'''Writer's note:''' The PAT team instructions show jfrog-stage-credentials but that parameter is not in the values.yaml?</font>{{Editgrn_close}}--> | ||
+ | *<tt>kafka:</tt> | ||
+ | *:<tt>bootstrap</tt> — ''the Kafka address to align with the infrastructure Kafka'' | ||
+ | <!--{{Editgrn_open}}<font color=red>'''Writer's note:''' Should we add a note that the storage:pvc parameter is not used?</font>{{Editgrn_close}}--> | ||
+ | |||
+ | If topic names in your Kafka configuration have been customized, you must also modify the <tt>kafka:topic</tt> parameter values to match. For more details about the required Kafka topics, see {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=PlanningGSP|anchor=Kafka|display text=Kafka configuration}}. | ||
{{NoteFormat|Treat your modified '''values.yaml''' file as source code, which you are responsible to maintain so that your overrides are preserved and available for reuse when you upgrade.}} | {{NoteFormat|Treat your modified '''values.yaml''' file as source code, which you are responsible to maintain so that your overrides are preserved and available for reuse when you upgrade.}} | ||
|Status=No | |Status=No | ||
}}{{Section | }}{{Section | ||
− | |sectionHeading= | + | |sectionHeading=Configure Kubernetes |
− | |||
|alignment=Vertical | |alignment=Vertical | ||
− | |structuredtext={{AnchorDiv| | + | |structuredtext={{AnchorDiv|Secrets}} |
− | === | + | ===Secrets=== |
− | + | GSP requires the following secrets: | |
+ | |||
+ | *<tt>docker-registry</tt> — Credentials to pull the image from the JFrog repository | ||
+ | *<tt>kafka-secrets</tt> — Credentials to access Kafka | ||
+ | *<tt>gsp-s3</tt> — Credentials to access S3-compatible storage | ||
− | + | Except for <tt>docker-registry</tt> and <tt>kafka-secrets</tt>, which you must create manually (see the environment setup instructions on {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=DeployGSP}}), Helm creates the secrets based on values you specify in the '''values.yaml''' file. | |
− | + | {{AnchorDiv|ConfigMaps}} | |
− | + | ===Config Maps=== | |
− | + | Helm creates a number of Config Maps based on option values you specify in the '''values.yaml''' file (see [[{{FULLPAGENAME}}#Options|Configure GSP behavior]]). There are no Config Maps you can configure directly. | |
− | {{AnchorDiv| | ||
− | === | ||
− | |||
− | + | {{AnchorDiv|KubeAPI}} | |
− | + | ===Kubernetes API requirements=== | |
+ | GSP uses Apache Flink as the engine for stateful stream processing, with communications handled via the Kubernetes API. | ||
− | + | GSP needs permissions to use the following verbs: | |
− | *< | + | *<tt>get</tt>, <tt>list</tt>, <tt>watch</tt>, and <tt>delete</tt> on '''jobs''' resources in the '''batch''' API group. GSP uses these commands during upgrade and for a pre-upgrade hook to ensure that the previous version of GSP is stopped before upgrading to the new version. |
− | + | *<tt>update</tt>, <tt>get</tt>, <tt>create</tt>, <tt>watch</tt>, <tt>patch</tt>, <tt>delete</tt>, <tt>list</tt> on '''configmap''' resources in the general API group (“”). GSP uses these commands: | |
− | + | **To enable Flink's Kubernetes high availability (HA) services to function | |
− | + | **To record the path to the savepoint periodically taken by the '''take-savepoint''' cron job and by the upgrade hook | |
|Status=No | |Status=No | ||
}}{{Section | }}{{Section | ||
− | |sectionHeading= | + | |sectionHeading=Configure security |
− | |anchor= | + | |anchor=Security |
|alignment=Vertical | |alignment=Vertical | ||
− | |structuredtext= | + | |structuredtext=The security context settings define the privilege and access control settings for pods and containers. |
− | |||
− | |||
− | + | By default, the user and group IDs are set in the GSP '''values.yaml''' file as <tt>500:500:500</tt>, meaning the '''genesys''' user. | |
− | + | <source lang="bash"> | |
− | + | securityContext: | |
+ | runAsNonRoot: true | ||
+ | runAsUser: 500 | ||
+ | runAsGroup: 500 | ||
+ | fsGroup: 500 | ||
− | === | + | containerSecurityContext: {} |
− | + | </source> | |
+ | ===Arbitrary UIDs in OpenShift=== | ||
+ | If you want to use arbitrary UIDs in your OpenShift deployment, you must override the '''securityContext''' settings in the GSP '''values.yaml''' file, so that you do not define any specific IDs. | ||
− | + | <source lang="bash"> | |
− | + | securityContext: | |
− | + | runAsNonRoot: true | |
− | + | runAsUser: null | |
− | + | runAsGroup: 0 | |
+ | fsGroup: null | ||
− | + | containerSecurityContext: {} | |
+ | </source> | ||
|Status=No | |Status=No | ||
}}{{Section | }}{{Section | ||
− | |sectionHeading=S3-compatible storage | + | |sectionHeading=Configure S3-compatible storage |
− | |anchor= | + | |anchor=Storage |
|alignment=Vertical | |alignment=Vertical | ||
− | |structuredtext= | + | |structuredtext=By default, GSP is configured to use Azure Blob Storage as the persistent data store for data used during processing. To use Azure Blob Storage, modify the following entries in the '''values.yaml''' file: |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | By default, GSP is configured to use Azure Blob Storage as the persistent data store. | ||
− | *< | + | *<tt>job:</tt> |
− | *: < | + | *: <tt>storage:</tt> |
− | *: < | + | *: <tt>gspPrefix</tt> — ''the URI path prefix under which GSP savepoints, checkpoints, and high-availability data will be stored'' |
− | *: < | + | *: <tt>gcaSnapshots</tt> — ''the URI path under which GCA snapshot(s) will be stored'' |
To enable other types of S3-compatible storage, modify the following entries in the '''values.yaml''' file: | To enable other types of S3-compatible storage, modify the following entries in the '''values.yaml''' file: | ||
− | *< | + | *<tt>azure:</tt> |
− | *: < | + | *: <tt>enabled:</tt> false |
− | *< | + | *<tt>job:</tt> |
− | *: < | + | *: <tt>storage:</tt> |
− | *: < | + | *: <tt>gspPrefix</tt> — ''the bucket name where GSP savepoints, checkpoints, and high-availability data will be stored'' |
− | *: < | + | *: <tt>gcaSnapshots</tt> — ''the bucket name where the GCA snapshot(s) will be stored'' |
− | *: < | + | *: <tt>s3</tt> — ''the applicable details defined with the OBC or GCP bucket'' |
− | *:'''Note:''' The < | + | *:'''Note:''' The <tt>host</tt> parameter is ignored. |
====OpenShift example==== | ====OpenShift example==== | ||
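Review bot: In the added "Arbitrary UIDs in OpenShift" subsection, the text says the override is made "so that you do not define any specific IDs", and the overview paragraph says "no user or group IDs are specified", yet the example still sets runAsGroup: 0. Either state that the root group is intentional for arbitrary-UID pods, or reword both sentences to say that only runAsUser and fsGroup are cleared. Also in this hunk, imagePullSecrets names pureengage-docker-dev or pureengage-docker-staging while the new Secrets list calls the pull secret docker-registry, and the commented-out Writer's note about jfrog-stage-credentials is still open; settle on one secret name before publishing.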
Line 118: | Line 131: | ||
secretKey: "<secret key>" | secretKey: "<secret key>" | ||
pathStyleAccess: "true"</source> | pathStyleAccess: "true"</source> | ||
+ | |||
====GKE example==== | ====GKE example==== | ||
<source lang="bash">azure: | <source lang="bash">azure: | ||
Line 137: | Line 151: | ||
secretKey: "<secret key>" | secretKey: "<secret key>" | ||
pathStyleAccess: "true"</source> | pathStyleAccess: "true"</source> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|Status=No | |Status=No | ||
}}{{Section | }}{{Section | ||
Line 232: | Line 156: | ||
|anchor=Options | |anchor=Options | ||
|alignment=Vertical | |alignment=Vertical | ||
− | |structuredtext= | + | |structuredtext={{Editgrn_open}}<font color=red>Whole section is new</font>{{Editgrn_close}} |
You can override aspects of the default configuration to modify GSP behavior and customize the way data is stored in the Info Mart database. | You can override aspects of the default configuration to modify GSP behavior and customize the way data is stored in the Info Mart database. | ||
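Review bot: The added {{Editgrn_open}}<font color=red>Whole section is new</font>{{Editgrn_close}} marker at the start of structuredtext is not wrapped in an HTML comment, unlike the Writer's notes added earlier in this revision, so it will render on the published page. Comment it out or remove it.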
Line 248: | Line 172: | ||
{{Editgrn_open}}<font color=red>'''Alexey/Kostya,''' I've combined and extrapolated from info in e-mails and Jira tickets. Please esp. confirm the syntax in this subsection and in the extended example [[{{FULLPAGENAME}}#Example|at the bottom of the page]].</font>{{Editgrn_close}} | {{Editgrn_open}}<font color=red>'''Alexey/Kostya,''' I've combined and extrapolated from info in e-mails and Jira tickets. Please esp. confirm the syntax in this subsection and in the extended example [[{{FULLPAGENAME}}#Example|at the bottom of the page]].</font>{{Editgrn_close}} | ||
− | + | Under the '''cfgOptions''' object in the GSP '''values.yaml''' file, specify the option and value in JSON format. Note the following: | |
+ | |||
*Options are separately configurable by tenant and, where applicable, by media type or even at the level of individual queues (DNs or scripts). | *Options are separately configurable by tenant and, where applicable, by media type or even at the level of individual queues (DNs or scripts). | ||
*Where an option can be configured at various levels, you can override a value set at a higher level (for example, for a particular media type in general) to set a different value for a particular lower-level object (for example, for that media type for an individual DN). | *Where an option can be configured at various levels, you can override a value set at a higher level (for example, for a particular media type in general) to set a different value for a particular lower-level object (for example, for that media type for an individual DN). | ||
*See the {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=GSPConfigOptions|anchor=ConfigLevel|display text=note about configuration levels}} for information about the available configuration levels for certain options. | *See the {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=GSPConfigOptions|anchor=ConfigLevel|display text=note about configuration levels}} for information about the available configuration levels for certain options. | ||
− | The entries | + | The structure of the entries is: |
<source lang="bash"> | <source lang="bash"> | ||
cfgOptions: | cfgOptions: | ||
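Review bot: The reworded sentence "specify the option and value in JSON format" introduces a block that begins with the values.yaml key cfgOptions:, but it does not say whether the JSON is embedded as a quoted string or written as a nested YAML mapping, and the note to Alexey/Kostya directly above still asks for the syntax to be confirmed. Resolve that confirmation and state the embedding explicitly before this wording goes live. The source lang="bash" tag on the block should also match the actual content type.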
Line 289: | Line 214: | ||
As described on [link TBD], you can extend storage of user data in the Info Mart database to include additional user-data KVPs you want to capture as custom user-data facts or dimensions. | As described on [link TBD], you can extend storage of user data in the Info Mart database to include additional user-data KVPs you want to capture as custom user-data facts or dimensions. | ||
− | + | Under the '''udeMapping''' object in the GSP '''values.yaml''' file, specify the mapping between your custom KVPs and the custom user-data database table(s) and column(s). Note the following: | |
+ | |||
*The mapping, which is specified in JSON format, is configured separately by tenant. | *The mapping, which is specified in JSON format, is configured separately by tenant. | ||
*In addition to specifying the database table and column in which the KVP value will be stored, you also specify the ''propagation rule'' that Genesys Info Mart will use to determine what value to store if more than one value is extracted for the same key in the same interaction. See {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=UserData|anchor=PropagationRules|display text=Propagation rules}} for more information. | *In addition to specifying the database table and column in which the KVP value will be stored, you also specify the ''propagation rule'' that Genesys Info Mart will use to determine what value to store if more than one value is extracted for the same key in the same interaction. See {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=UserData|anchor=PropagationRules|display text=Propagation rules}} for more information. | ||
Line 339: | Line 265: | ||
Genesys Info Mart stores data about every outbound contact attempt, based on Record Field data it receives from the CX Contact (CXC) service. As described on {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=Outbound}}, some of the mapping between Field data and the Info Mart database tables and columns is predefined, and some is custom. | Genesys Info Mart stores data about every outbound contact attempt, based on Record Field data it receives from the CX Contact (CXC) service. As described on {{Link-SomewhereInThisVersion|manual=GIMPEGuide|topic=Outbound}}, some of the mapping between Field data and the Info Mart database tables and columns is predefined, and some is custom. | ||
− | + | Under the '''ocsMapping''' object in the GSP '''values.yaml''' file, specify the mapping between your custom record fields and the tables and columns provided in the Info Mart database for custom record field data, namely: | |
+ | |||
*In the CONTACT_ATTEMPT_FACT table: | *In the CONTACT_ATTEMPT_FACT table: | ||
**10 floating-point numbers: <tt>numeric(14,4)</tt> | **10 floating-point numbers: <tt>numeric(14,4)</tt> |
Revision as of 16:46, September 2, 2022
Learn how to configure GIM Stream Processor (GSP).
Override Helm chart values
Download the GSP Helm charts from JFrog using your credentials. You must override certain parameters in the GSP values.yaml file to provide deployment-specific values.
For general information about overriding Helm chart values, see Overriding Helm chart values in the Genesys Multicloud CX Private Edition Guide.
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GSP values.yaml file, so that no user or group IDs are specified. For details, see Configure security, below.
To enable S3-compatible storage to store data that GSP requires during processing, see Configure S3-compatible storage, below.
You can also specify values in the values.yaml file to override the default values of configuration options that control GSP behavior and to customize user data and Outbound field mappings.
At a minimum, you must override the following key entries in the GSP values.yaml file:
- image:
  - registry — the registry from which Kubernetes will pull images (pureengage-docker-staging.jfrog.io by default)
  - tag — the container image version
- imagePullSecrets:
  - pureengage-docker-dev or pureengage-docker-staging — the secret from which Kubernetes will get credentials to pull the image from the registry
- kafka:
  - bootstrap — the Kafka address to align with the infrastructure Kafka
If topic names in your Kafka configuration have been customized, you must also modify the kafka:topic parameter values to match. For more details about the required Kafka topics, see Kafka configuration.
Configure Kubernetes
Secrets
GSP requires the following secrets:
- docker-registry — Credentials to pull the image from the JFrog repository
- kafka-secrets — Credentials to access Kafka
- gsp-s3 — Credentials to access S3-compatible storage
Except for docker-registry and kafka-secrets, which you must create manually (see the environment setup instructions on Deploy GIM Stream Processor), Helm creates the secrets based on values you specify in the values.yaml file.
Config Maps
Helm creates a number of Config Maps based on option values you specify in the values.yaml file (see Configure GSP behavior). There are no Config Maps you can configure directly.
Kubernetes API requirements
GSP uses Apache Flink as the engine for stateful stream processing, with communications handled via the Kubernetes API.
GSP needs permissions to use the following verbs:
- get, list, watch, and delete on jobs resources in the batch API group. GSP uses these permissions during upgrade and for a pre-upgrade hook to ensure that the previous version of GSP is stopped before upgrading to the new version.
- update, get, create, watch, patch, delete, and list on configmap resources in the core API group (""). GSP uses these permissions:
  - To enable Flink's Kubernetes high availability (HA) services to function
  - To record the path to the savepoint periodically taken by the take-savepoint cron job and by the upgrade hook
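A least-privilege check for the permissions listed above, as an added example (not Genesys code): it compares a Role exported with `kubectl get role <name> -o json` against the verbs this page lists and reports anything missing or granted in excess. The sample Role, its name and its namespace are constructed, and `configmaps` is the RBAC resource name assumed for the page's "configmap".

```python
import json

# Verbs the page lists for GSP, keyed by (apiGroup, resource).
# Assumption: "configmaps" is the RBAC resource name for the page's
# "configmap"; "" is the core API group.
REQUIRED = {
    ("batch", "jobs"): {"get", "list", "watch", "delete"},
    ("", "configmaps"): {"update", "get", "create", "watch",
                         "patch", "delete", "list"},
}

# Constructed sample: a Role as returned by `kubectl get role <name> -o json`.
# The Role name and namespace are placeholders, not values from the GSP chart.
SAMPLE_ROLE = json.loads("""
{
  "kind": "Role",
  "metadata": {"name": "gsp-example", "namespace": "gsp-example-ns"},
  "rules": [
    {"apiGroups": ["batch"], "resources": ["jobs"],
     "verbs": ["get", "list", "watch", "delete", "create"]},
    {"apiGroups": [""], "resources": ["configmaps", "secrets"],
     "verbs": ["get", "list", "watch", "create", "update", "patch"]}
  ]
}
""")


def granted(role):
    """Expand a Role's rules into a set of (apiGroup, resource, verb) triples."""
    triples = set()
    for rule in role.get("rules", []):
        for group in rule.get("apiGroups", []):
            for resource in rule.get("resources", []):
                for verb in rule.get("verbs", []):
                    triples.add((group, resource, verb))
    return triples


def _covers(grant, need):
    """True if a granted triple satisfies a needed one, honouring "*" wildcards."""
    return all(g == "*" or g == n for g, n in zip(grant, need))


def audit(role):
    """Return (missing, excess) relative to the permissions the page lists."""
    needed = {(g, r, v) for (g, r), verbs in REQUIRED.items() for v in verbs}
    have = granted(role)
    missing = sorted(n for n in needed if not any(_covers(h, n) for h in have))
    # A wildcard grant always counts as excess: it reaches past the listed verbs.
    excess = sorted(h for h in have if "*" in h or h not in needed)
    return missing, excess


if __name__ == "__main__":
    missing, excess = audit(SAMPLE_ROLE)
    for label, items in (("MISSING", missing), ("EXCESS", excess)):
        for group, resource, verb in items:
            print(f"{label}: {verb} on {resource} in apiGroup {group!r}")
```

The check looks only at the rules of the object it is given; it does not consider `resourceNames` restrictions or whether the grant is a namespaced Role or a ClusterRole.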
Configure security
The security context settings define the privilege and access control settings for pods and containers.
By default, the user and group IDs are set in the GSP values.yaml file as 500:500:500, meaning the genesys user.
securityContext:
  runAsNonRoot: true
  runAsUser: 500
  runAsGroup: 500
  fsGroup: 500

containerSecurityContext: {}
Arbitrary UIDs in OpenShift
If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the GSP values.yaml file, so that you do not define any specific IDs.
securityContext:
  runAsNonRoot: true
  runAsUser: null
  runAsGroup: 0
  fsGroup: null

containerSecurityContext: {}
Configure S3-compatible storage
By default, GSP is configured to use Azure Blob Storage as the persistent data store for data used during processing. To use Azure Blob Storage, modify the following entries in the values.yaml file:
- job:
  - storage:
    - gspPrefix — the URI path prefix under which GSP savepoints, checkpoints, and high-availability data will be stored
    - gcaSnapshots — the URI path under which GCA snapshot(s) will be stored
To enable other types of S3-compatible storage, modify the following entries in the values.yaml file:
- azure:
  - enabled: false
- job:
  - storage:
    - gspPrefix — the bucket name where GSP savepoints, checkpoints, and high-availability data will be stored
    - gcaSnapshots — the bucket name where the GCA snapshot(s) will be stored
    - s3 — the applicable details defined with the OBC or GCP bucket
    - Note: The host parameter is ignored.
OpenShift example
azure:
  enabled: false
..
job:
  storage:
    host: gspstate{{.Values.short_location}}{{.Values.environment}}.blob.core.windows.net
    #gspPrefix: wasbs://gsp-state@{{ tpl .Values.job.storage.host . }}/{{ .Release.Name }}/
    gspPrefix: "s3p://gim-3f7ac1ab-03b9-445b-ba12-137d4bbc3c38/{{ .Release.Name }}/"
    #gcaSnapshots: wasbs://gca@{{ tpl .Values.job.storage.host . }}/
    gcaSnapshots: "s3p://gim-3f7ac1ab-03b9-445b-ba12-137d4bbc3c38/gca/"
    checkpoints: '{{ tpl .Values.job.storage.gspPrefix . }}checkpoints'
    savepoints: '{{ tpl .Values.job.storage.gspPrefix . }}savepoints'
    highAvailability: '{{ tpl .Values.job.storage.gspPrefix . }}ha'
    s3:
      endpoint: "https://s3.openshift-storage.svc:443"
      accessKey: "<access key>"
      secretKey: "<secret key>"
      pathStyleAccess: "true"
GKE example
azure:
  enabled: false
...
job:
  storage:
    host: gspstate{{.Values.short_location}}{{.Values.environment}}.blob.core.windows.net
    #gspPrefix: wasbs://gsp-state@{{ tpl .Values.job.storage.host . }}/{{ .Release.Name }}/
    gspPrefix: "s3p://test-example-bucket-one/{{ .Release.Name }}/"
    #gcaSnapshots: wasbs://gca@{{ tpl .Values.job.storage.host . }}/
    gcaSnapshots: "s3p://test-example-bucket-one/gca/"
    checkpoints: '{{ tpl .Values.job.storage.gspPrefix . }}checkpoints'
    savepoints: '{{ tpl .Values.job.storage.gspPrefix . }}savepoints'
    highAvailability: '{{ tpl .Values.job.storage.gspPrefix . }}ha'
    s3:
      endpoint: "https://storage.googleapis.com:443"
      accessKey: "<access Key>"
      secretKey: "<secret key>"
      pathStyleAccess: "true"