Configure Genesys Web Services and Applications

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Genesys Web Services and Applications Private Edition Guide for version Current of Genesys Web Services and Applications.

Learn how to configure Genesys Web Services and Applications.

Create API clients

Use the Genesys Authentication operations API to create API clients for the GWS services. Refer to the API clients table for the name and client_id values you must use in the API request. Make note of encrypted_client_secret in the responses - you need this value to set the related parameter in Override Helm chart values.

API clients
Service name client_id Helm chart parameter
Provisioning Service gws-app-provisioning gws-app-provisioning secrets.gws-app-provisioning-client-secret
Workspace Service gws-app-workspace gws-app-workspace secrets.gws-app-workspace-client-secret
Configuration Service gws-platform-configuration gws-platform-configuration secrets.gws-platform-configuration-client-secret
Data Collector Service gws-platform-datacollector gws-platform-datacollector secrets.gws-platform-datacollector-client-secret
Interaction Service gws-platform-ixn gws-platform-ixn secrets.gws-platform-ixn-client-secret
OCS Service gws-platform-ocs gws-platform-ocs secrets.gws-platform-ocs-client-secret
Setting Service gws-platform-setting gws-platform-setting secrets.gws-platform-setting-client-secret
Statistics Service gws-platform-statistics gws-platform-statistics secrets.gws-platform-statistics-client-secret
Voice Service gws-platform-voice gws-platform-voice secrets.gws-platform-voice-client-secret

Configure a secret to access JFrog

If you haven't done so already, create a secret for accessing the JFrog registry: 

kubectl create secret docker-registry <credential-name> --docker-server=<docker repo> --docker-username=<username> --docker-password=<password> --docker-email=<emailid>

Now map the secret to the default service account: 

kubectl secrets link default <credential-name> --for=pull

Override Helm chart values

You can specify parameters for the deployment by overriding Helm chart values in the values.yaml file.

For more information about how to override Helm chart values, see Overriding Helm chart values in the Setting up Genesys Engage Cloud Private Edition guide.

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the values.yaml file, so that no user or group IDs are specified. For details, see Configure security below.

Create or update the versions file

Create or update the versions.yaml file with the latest container versions for your deployment. See Updated Helm Charts and Containers for Web Services and Applications for the full list of versions.

For example:
gws-app-provisioning:9.0.000.93
gws-app-workspace:9.0.000.90
gws-platform-configuration:9.0.000.79
gws-platform-datacollector:9.0.000.50
gws-platform-ixn:9.0.000.43
gws-platform-ocs:9.0.000.46
gws-platform-setting:9.0.000.52
gws-platform-statistics:9.0.000.61
gws-platform-voice:9.0.000.66
gws-system-nginx:9.0.000.16
gws-ui-crmworkspace:9.0.000.62
gws-ui-provisioning:9.0.000.84
gws-ui-workspace:9.0.000.82

Configure Kubernetes

GWS stores the following sensitive data as Kubernetes secrets. See the secrets.* parameters in the Global parameters table in the "Override Helm chart values" section for details.

  • Redis password (gws-redis-password)
  • Consul API token (gws-consul-token)
  • PostgreSQL database credentials for GWS (gws-postgres-username and gws-postgres-password)
  • PostgreSQL database credentials for Agent Setup (agentsetup-postgres-username and agentsetup-postgres-password)
  • Client secret for the Provisioning Service (gws-app-provisioning-client-secret)
  • Client secret for the Workspace Service (gws-app-workspace-client-secret )
  • Client secret for the Configuration Service (gws-platform-configuration-client-secret)
  • Client secret for the Data Collector Service (gws-platform-datacollector-client-secret)
  • Client secret for the Interaction Service (gws-platform-ixn-client-secret)
  • Client secret for the OCS Service (gws-platform-ocs-client-secret)
  • Client secret for the Setting Service (gws-platform-setting-client-secret)
  • Client secret for the Statistics Service (gws-platform-statistics-client-secret)
  • Client secret for the Voice Service (gws-platform-voice-client-secret)
  • Credentials for the operational user (ops-username and ops-password)
  • JM: Missing description (gws-screen-recording-public-secret)
  • JM: Missing description (gws-screen-recording-private-secret)

Configure security

To learn more about how security is configured for private edition, be sure to read the Permissions and OpenShift security settings topics in the Setting up Genesys Engage Cloud Private Edition guide.

The security context settings define the privilege and access control settings for pods and containers.

By default, the user and group IDs are set in the values.yaml file as 500:500:500, meaning the genesys user. 

deploymentGlobals:
  securityContext:
    runAsUser: 500
    runAsGroup: 500
    fsGroup: 500
    runAsNonRoot: true

Arbitrary UIDs in OpenShift

If you want to use arbitrary UIDs in your OpenShift deployment, you must override the securityContext settings in the values.yaml file, so that you do not define any specific IDs. 

deploymentGlobals:
  securityContext:
    runAsUser: null
    runAsGroup: 0
    fsGroup: null
    runAsNonRoot: true
Retrieved from "https://all.docs.genesys.com/GWS/Current/GWSPEGuide/Configure (2025-07-14 22:28:55)"
Comments or questions about this documentation? Contact us for support!