Difference between revisions of "PEC-REP/Current/PulsePEGuide/Provision"

Single namespace deployments have a software-defined networking (SDN) with multitenant mode, where namespaces are network isolated. If you plan to deploy Pulse into the single namespace (OpenShift SDN Multi-tenant mode where namespaces are network isolated), ensure that your environment meets the following requirements for inputs:

*:{{NoteFormat|Enable configurator only for configurations in GKE with VPC scoped DNS, or OpenShift with single namespace.

*Update the <tt>values-override-init-tenant.yaml</tt> file (OpenShift):

*:<source lang="bash">

# Default values for init-tenant.

# This is a YAML-formatted file.

# Declare variables to be passed into your templates.

   

  tag: "<image-version>"

  imagePullSecrets: [name: "<docker-registry-secret-name>"]

   

# * Tenant info

# Replace for your values

tenant:

   # Tenant UUID

   id: <tenant-uuid>

   sid: <tenant-sid>

# common configuration.

## Service account settings

podSecurityContext:

## Resource requests and limits

resources:

    cpu: 200m

   requests:

    cpu: 100m

# * Templates

templates:

   - Agent_Group_Status.gpb

  - Agent_KPIs.gpb

  - Agent_Login.gpb

  - Alert_Widget.gpb

  - Callback_Activity.gpb

   - Chat_Queue_Activity.gpb

   - Chat_Service_Level_Performance.gpb

   - Chat_Waiting_Statistics.gpb

   - Email_Agent_Activity.gpb

   - Facebook_Media_Activity.gpb

   - IFRAME.gpb

   - IWD_Agent_Activity.gpb

   - IWD_Queue_Activity.gpb

   - Queue_KPIs.gpb

   - Queue_Overflow_Reason.gpb

  - Static_Text.gpb

  - Twitter_Media_Activity.gpb

  - eServices_Agent_Activity.gpb

   - eServices_Queue_KPIs.gpb

 

'''Install the <tt>init-tenant</tt> helm chart''': <br />

To install the <tt>init-tenant</tt> helm chart, run the following command:

<source lang="bash">

helm upgrade --install "pulse-init-tenant-<tenant-sid>" pulsehelmrepo/init-tenant --wait --wait-for-jobs --version="<chart-version>"--namespace=pulse -f values-override-init-tenant.yaml

If installation is successful, the exit code <tt>0</tt> appears.

 

<source lang="bash">

kubectl get pods -n="pulse" -l "app.kubernetes.io/name=init-tenant,app.kubernetes.io/instance=pulse-init-tenant-<tenant-sid>"

If the deployment was successful, the <tt>pulse-init-tenant</tt> job is listed as <tt>Completed</tt>/.

For example:

pulse-init-tenant-100-job-qszgl          0/1     Completed  0          2d20h

 

 

'''Get the <tt>dcu</tt> helm chart:'''

 

'''Prepare the override file:'''

 

*Update the <tt>values-override-dcu.yaml</tt> file (AKS):

*:<source lang="bash"># Default values for dcu.

# * Tenant info

# tenant identification, or empty for shared deployment

tenant:

  # Tenant UUID

  id: "<tenant-uuid>"

  # Tenant SID (like 0001)

  sid: "<tenant-sid>"

# * Common log configuration

log:

   # target directory where log will be stored, leave empty for default

   logDir: ""

  # path where volume will be mounted

  volumeMountPath: /data/log

  # log volume type: none | hostpath | pvc

  volumeType: pvc

  # log volume hostpath, used with volumeType "hostpath"

  volumeHostPath: /mnt/log

  # log PVC parameters, used with volumeType "pvc"

    name: pulse-dcu-logs

       - ReadWriteMany

    capacity: 10Gi

    class: <pv-storage-class-rw-many>

# * Config info

config:

   # set "true" when need @host added for username

   dbUserWithHost: true

  mountSecrets: false

  postgresConfig: "pulse-postgres-configmap"

  # Postgres secret name

  postgresSecret: "pulse-postgres-secret"

  # Postgres secret key for user

  postgresSecretUser: "META_DB_ADMIN"

  # Postgres secret key for password

  postgresSecretPassword: "META_DB_ADMINPWD"

  # Redis secret name

  redisSecret: "pulse-redis-secret"

   # Redis secret key for access key

  redisSecretKey: "REDIS01_KEY"

# * Image

# container image common settings

## Service account settings

serviceAccount:

   # Specifies whether a service account should be created

   create: false

  # Annotations to add to the service account

  annotations: {}

  # The name of the service account to use.

  # If not set and create is true, a name is generated using the fullname template

  name: ""

## Add annotations to all pods

##

podAnnotations: {}

## Specifies the security context for all Pods in the service

##

podSecurityContext: {}

podLabels: {}

## HPA Settings

hpa:

  enabled: false

## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

priorityClassName: ""

## Node labels for assignment.

## ref: https://kubernetes.io/docs/user-guide/node-selection/

##

nodeSelector: {}

## Tolerations for assignment.

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

tolerations: []

## Pod Disruption Budget Settings

podDisruptionBudget:

   enabled: false

## Affinity for assignment.

## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

##

affinity: {}

# * Monitoring settings

monitoring:

   # enable the Prometheus metrics endpoint

   enabled: false

   # enable golden signals metrics (not supported for PE)

   goldenSignals:

    enabled: false

   # port number of the Prometheus metrics endpoint

   port: 9091

   # HTTP path to scrape for metrics

   path: /metrics

   # additional annotations required for monitoring PODs

   # you can reference values of other variables as {{.Values.variable.full.name}}

   podAnnotations: {}

    # prometheus.io/scrape: "true"

    # prometheus.io/port: "{{.Values.monitoring.port}}"

    # prometheus.io/path: "/metrics"

    # enables PodMonitor creation for the POD

    enabled: true

    # timeout after which the scrape is ended

    # namespace of the PodMonitor, defaults to the namespace of the POD

    additionalLabels: {}

   alerts:

    enabled: true

    duration: 5m

    namespace:

    additionalLabels: {}

##########################################################################

# * Configuration for the Collector container

  # resource limits for container

  resources:

    requests:

      # minimal CPU to reserve

    # resource limits for containers

      # maximum amount of memory a container can use before being evicted

      # by the OOM Killer

      memory: "4Gi"

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

      cpu: "8000m"

# * Configuration for the StatServer container

statserver:

  # resource limits for container

    # minimum resource requirements to start container

    requests:

      # minimal CPU to reserve

    # resource limits for containers

      # maximum amount of memory a container can use before being evicted

      # by the OOM Killer

      memory: "4Gi"

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

      cpu: "4000m"

# * Configuration for the monitor sidecar container

  # resource limits for container

    # disabled: true

   # securityContext: {}

##########################################################################

# * Configuration for the Configuration Server Proxy container

csproxy:

   # define domain for the configuration host

   params:

     cfgHost: "tenant-<tenant-uuid>.voice.<domain>"

   # resource limits for container

   resources:

    # minimum resource requirements to start container

    requests:

      # minimal amount of memory required to start a container

      memory: "200Mi"

      # minimal CPU to reserve

      cpu: "50m"

     # resource limits for containers

     limits:

      # maximum amount of memory a container can use before being evicted

      # by the OOM Killer

      memory: "2Gi"

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

      cpu: "1000m"

  # securityContext: {}

# volumeClaims contains persistent volume claims for services

volumeClaims:

   # statserverBackup is storage for statserver backup data

   statserverBackup:

     name: statserver-backup

     accessModes:

       - ReadWriteOnce

    # capacity is storage capacity

    capacity: "1Gi"

     # class is storage class. Must be set explicitly.

     class: <pv-storage-class-rw-once>

 

*Update the <tt>values-override-dcu.yaml</tt> file (GKE):

*:<source lang="bash"># Default values for dcu.

# This is a YAML-formatted file.

# Declare variables to be passed into your templates.

replicaCount: "<tenant-dcu>"

# * Tenant info

# tenant identification, or empty for shared deployment

tenant:

  # Tenant UUID

  id: "<tenant-uuid>"

  # Tenant SID (like 0001)

  sid: "<tenant-sid>"

# * Common log configuration

log:

  # target directory where log will be stored, leave empty for default

  logDir: ""

  # path where volume will be mounted

  volumeMountPath: /data/log

   # log volume type: none | hostpath | pvc

   # log volume hostpath, used with volumeType "hostpath"

   volumeHostPath: /mnt/log

   # log PVC parameters, used with volumeType "pvc"

   pvc:

    class: <pv-storage-class-rw-many>

# * Config info

  dbName: "<db-name>"

   # set "true" when need @host added for username

   dbUserWithHost: true

  mountSecrets: false

  postgresConfig: "pulse-postgres-configmap"

  # Postgres secret name

  postgresSecret: "pulse-postgres-secret"

  # Postgres secret key for user

  postgresSecretUser: "META_DB_ADMIN"

  # Postgres secret key for password

  postgresSecretPassword: "META_DB_ADMINPWD"

   redisConfig: "pulse-redis-configmap"

   # Redis secret name

   redisSecret: "pulse-redis-secret"

   # Redis secret key for access key

   redisSecretKey: "REDIS01_KEY"

# * Image

# container image common settings

## Service account settings

serviceAccount:

   # Specifies whether a service account should be created

   create: false

  # Annotations to add to the service account

  annotations: {}

  # The name of the service account to use.

  # If not set and create is true, a name is generated using the fullname template

  name: ""

## Add annotations to all pods

##

podAnnotations: {}

## Specifies the security context for all Pods in the service

##

podSecurityContext:

   runAsNonRoot: true

   runAsUser: 500

  runAsGroup: 500

  fsGroup: 0

## Add labels to all pods

##

podLabels: {}

hpa:

## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/

priorityClassName: ""

   

## ref: https://kubernetes.io/docs/user-guide/node-selection/

##

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

## Pod Disruption Budget Settings

podDisruptionBudget:

   enabled: false

## Affinity for assignment.

## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

affinity: {}

# * Monitoring settings

monitoring:

   # enable the Prometheus metrics endpoint

  enabled: false

   goldenSignals:

    enabled: false

   port: 9091

   path: /metrics

  # you can reference values of other variables as {{.Values.variable.full.name}}

    # prometheus.io/scrape: "true"

    # prometheus.io/path: "/metrics"

    # enables PodMonitor creation for the POD

    enabled: true

    # interval at which metrics should be scraped

    scrapeInterval: 30s

    # timeout after which the scrape is ended

    scrapeTimeout:

    # namespace of the PodMonitor, defaults to the namespace of the POD

   alerts:

    # enables alert rules

    enabled: true

    # namespace of the alert rules, defaults to the namespace of the POD

    namespace:

##########################################################################

# * Configuration for the Collector container

  # resource limits for container

    # minimum resource requirements to start container

    requests:

      # minimal CPU to reserve

    # resource limits for containers

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

  # securityContext:

  #  runAsGroup: 500

# * Configuration for the StatServer container

  # resource limits for container

  resources:

    requests:

      # minimal CPU to reserve

    # resource limits for containers

      # maximum amount of memory a container can use before being evicted

      # by the OOM Killer

      memory: "4Gi"

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

      cpu: "4000m"

# * Configuration for the monitor sidecar container

monitorSidecar:

  resources:

    # disabled: true

    # minimum resource requirements to start container

    requests:

      # minimal CPU to reserve

    # resource limits for containers

      # maximum amount of memory a container can use before being evicted

      # by the OOM Killer

      memory: "70Mi"

      # maximum amount of CPU resources that can be used and should be tuned to reflect

      # what the application can effectively use before needing to be horizontally scaled out

  # securityContext:

  #  runAsGroup: 500

##########################################################################

# * Configuration for the Configuration Server Proxy container

  # define domain for the configuration host

    cfgHost: "tenant-<tenant-uuid>.voice.<domain>"

  # resource limits for container

    # minimum resource requirements to start container

    requests:

      memory: "200Mi"

      # minimal CPU to reserve

      # maximum amount of CPU resources that can be used and should be tuned to reflect

  # securityContext:

  #   runAsUser: 500

  #  runAsGroup: 500

# volumeClaims contains persistent volume claims for services

# All available storage classes can be found here:

# https://github.com/genesysengage/tfm-azure-core-aks/blob/master/k8s-module/storage.tf

volumeClaims:

  # statserverBackup is storage for statserver backup data

  statserverBackup:

     name: statserver-backup

     accessModes:

     # capacity is storage capacity

     capacity: "1Gi"

     # class is storage class. Must be set explicitly.

     class: <pv-storage-class-rw-once>

*Update the <tt>values-override-dcu.yaml</tt> file (OpenShift):

*:<source lang="bash">

# Default values for dcu.

# Declare variables to be passed into your templates.

replicaCount: "<tenant-dcu>"

# * Tenant info

# tenant identification, or empty for shared deployment

tenant:

  # Tenant UUID

  id: "<tenant-uuid>"

  # Tenant SID (like 0001)

  sid: "<tenant-sid>"

# * Common log configuration

log:

   # target directory where log will be stored, leave empty for default

   logDir: ""

  # path where volume will be mounted

  volumeMountPath: /data/log

  # log volume type: none | hostpath | pvc

  volumeType: pvc

  # log volume hostpath, used with volumeType "hostpath"

  volumeHostPath: /mnt/log

  # log PVC parameters, used with volumeType "pvc"

    name: pulse-dcu-logs

       - ReadWriteMany

    capacity: 10Gi

    class: <pv-storage-class-rw-many>

# * Config info

# Set your values.

config:

  dbName: "<db-name>"

   # set "true" when need @host added for username

  dbUserWithHost: true

  postgresConfig: "pulse-postgres-configmap"

  # Postgres secret name

  postgresSecret: "pulse-postgres-secret"

  # Postgres secret key for user

  postgresSecretUser: "META_DB_ADMIN"

  # Postgres secret key for password

  postgresSecretPassword: "META_DB_ADMINPWD"

  # Redis secret name

  redisSecret: "pulse-redis-secret"

   # Redis secret key for access key

# * Image

  tag: "<image-version>"

  pullPolicy: IfNotPresent

  registry: "<docker-registry>"

  imagePullSecrets: [name: "<docker-registry-secret-name>"]

serviceAccount:

## Add annotations to all pods

##

podAnnotations: {}

## Specifies the security context for all Pods in the service