Install Config-Server, Dispatcher, and LogAgent - EcoSys - 3.1 - Installation & Upgrade - Hexagon

EcoSys Connect Installation and Configuration (Microk8s Kubernetes)

Language
English
Product
EcoSys
Search by Category
Installation & Upgrade
EcoSys Version
3.1
  1. Edit the ../../helm/connect/values.yaml and set the values as listed in the following table.

    • Some settings in the values.yaml are not documented and it is not recommended to change them unless working with EcoSys Support.

    • The table uses a notation to describe the settings inside the yaml file using a hierarchy. For example, see the following section of the values.yaml file

      When describing the url settings under the database section, the following table will use the hierarchy database.url.

      Key

      Setting

      types

      Defines the types of deployments and services node affinity. These settings should not be edited.

      deployment.id

      This setting in the values.yaml file will automatically be updated to the DEPLOYMENT_ID from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.

      deployment.target

      This setting in the values.yaml file will automatically be updated to the DEPLOYMENT_TARGET from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.

      deployment.size

      This setting in the values.yaml file will automatically be updated to the SIZE from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.

      deployment.production

      This setting in the values.yaml file will automatically be updated to the PRODUCTION from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.

      imagePullSecrets

      Variable to store the secret that is used by the deployment.

      The value in the values.yaml must match the setting in the env.sh

      Default: regcred

      database.type

      Database type for the Connect configuration DB

      Supported values:

      sql server

      oracle

      database.version

      Database version for the Connect configuration DB

      For oracle - 18.3.x | 19.3.x | 19.6.x | 19.7.x 

      For sql server - 'Blank' 

      database.url

      Connection string for the Connect configuration DB

      For oracle - jdbc:oracle:thin:@<host>:<port>/<SID>

      For sql server - jdbc:sqlserver://<host>:<port>;database=<dbname>

      database.username

      Connect database username

      Default: ecuser

      dispatcher.config.name

      Name of the configuration file that contains the dispatcher settings. The file must have the .properties extension but the setting should not specify it.


      Example: If the property file is connectDispatcher.properties, the setting is set to connectDispatcher

      Default: connectDispatcher

      dispatcher.config.label

      Can be used to override the branch in GIT that the dispatcher uses for configuration.

      If not set, the value from configServer.label is used

      dispatcher.security.ecosysUrl

      The URL to the EcoSys Instance that Connect will be launched from

      Example: https://ecosys-host:port/ecosys

      dispatcher.security.jwksUrl

      The JWKS URL for token verification, provided by OAuth token Provider such as Okta or Keycloak

      dispatcher.security.tokenScope

      The Token Scope for the token provide

      agent.workQueueName

      The Connect Queue that the agent will listen to work on.

      Default: connectQueue

      agent.config.name

      Name of the configuration file that contains the agent settings. The file must have the .properties extension but the setting should not specify it.


      Example: The property file is connectAgent.properties, the setting is set to connectAgent

      Default: connectAgent

      agent.config.label

      Can be used to override the branch in GIT that the agent uses for configuration.

      If not set, the value from configServer.label is used.

      datastore.isNative

      Controls if a local Mongo DB is used as the datastore by the Agent.

      Currently, only the local Mongo DB is supported as the datastore

      Default: true

      datastore.url

      Not currently supported

      datastore.dbUsername

      The username to access the Data Store

      When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.

      datastore.dbBackupUsername

      The backup username to access the Data Store

      When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.

      logagent.config.name

      Name of the configuration file that contains the logagent settings. The file must have the .properties extension but the setting should not specify it.

      Example: The property file is connectLogAgent.properties, the setting is set to connectLogAgent

      Default: connectLogAgent

      logagent.label

      Can be used to override the branch in GIT that the logagent uses for configuration.

      If not set, the value from configServer.label is used.

      logstore.isNative

      Controls if a local Mongo DB is used as the datastore by the LogAgent.

      Currently, only the local Mongo DB is supported as the datastore for the Log Store

      Default: true

      logstore.url

      Not currently supported

      logstore.dbUsername

      The username to access the Log Store

      When isNative=true, this is the user that will be created in the local Log Store when it is provisioned. This is a username the installer sets.

      logstore.dbBackupUsername

      The backup username to access the Log Store

      When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.

      amq.systemEncPassword

      During the installation of amq, a ‘system’ user will be created. The amq.systemEncPassword is required to set the password for this user.

      The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.

      For more information on how to encrypt the password, see Encrypting Passwords

      amq.ecuser.encPassword

      During the installation of amq, a ‘ecuser user will be created. The amq.ecuser.encPassword is required to set the password for this user.

      The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.

      For more information on how to encrypt the password, see Encrypting Passwords

      amq.ecuser.ciphertext

      This is the same password used in the amq.ecuser.encPassword but encrypted for Connect.

      The password needs to be encrypted in the ‘Connect’ format using the Encrypt Password screen in EcoSys

      For more information on how to encrypt the password, see Encrypting Passwords

      amq.ecdebugEncPassword

      During the installation of amq a ‘ecdebug’ user will be created. The amq.encdebugEncPassword is required to set the password for this user.

      The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.

      For more information on how to encrypt the password, see Encrypting Passwords

      configServer.label

      Sets what branch from GIT to use to retrieve the configuration files from

      For example, If the files are in main, this would be set to main. If the files are in a branch called Test, this would be set to Test

      configServer.username

      Username to be created when the config server is deployed. This is a username the installer sets.

      configServer.gitUri

      The connection string to the GIT Repository containing the Connect Properties files

      configServer.gitUserName

      The username to use to connect to the GIT Repository

      configTopicName

      This name is used to create a Topic in the Service Bus that is used for configuration updates

      azureApplicationInsights.connectionString

      Azure Application Insights connection string

      See Create an instance of Application Insights in the Azure Portal

      It is optional for Microk8s installations

      servicebus.connectionString

      Azure Service Bus connection string

      Not currently supported

      host.name

      The FQDN that will be used to access connect

      Example: Connect.company.com

      host.ip

      The public IP address of the Linux host

      hostAliases

      The hostAliases section is used to insert entries into the hosts files of the containers. This is done for machines that the cluster (cluster that does not have proper DNS entries on your network) needs to access. Each entry requires an ‘alias’ and ‘ip’ setting.

      Example :

      alias: machineNoDNS.company.com

      IP: 1.2.3.4

      tls.enable

      Enables secure communication, default is true

      tls.isSelfSigned

      true|false – Only set to true if a Self-Signed certificate is being used.

      istioNameSpace

      The namespace that Istio was installed into.

      Default: istio-system

      timeZone

      Used to set the time zone in each container using Jave TimeZone IDs

      Example: America/New_York

      For each component there are few sections with mem/cpu settings, it is not recommended to change these setting unless working with Hexagon support. The appropriate settings are used based on the production type, deployment target, and production setting.

  2. After editing the settings, If you are using TLS, copy your TLS certificate and Key files into the helm/connect/config directory.

    The certificate must be in a file named tls.crt and the key must be in a file named tls.key.

  3. Run the ‘./install-connect.sh <parameters>’ to install the Connect Platform. The following are the required parameters:
    <config-server-password> - the password used when the Config Server user is created

    • <git-password> - the Git password for the Git repository that contains the configuration file.

    • <database-password> - the database password that Connect will use

    • <activemq-encryption-passphrase> - the passphrase that ActiveMQ uses for Password-based Encryption

    • <ecosys-passphrase> - the passphrase that EcoSys uses for Password-based Encryption

    • <connect-passphrase> - the passphrase that Connect will use for Password-based Encryption

    • <logstore-db-password> - the password used when creating the admin user for the LogStore

    • <logstore-backup-password> - the password used when creating the backup user for LogStore

    • If a parameter has an empty or blank value, use "" as the parameter.

    • Most EcoSys installations do not have an explicit ecosys-passphrase. In such case, the parameter for the installation must be set to "".

      • When the install-connect.sh completes it will display a message of ‘STATUS: deployed’.

      • The script deploys Connect into the Kubernetes Cluster.

4. To determine if Connect has started successfully, run ‘microk8s kubectl get deployments -n <CONNECT_NAMESPACE>’

There should be a total of 5 deployments – logstore, config-server, amq, logagent, and dispatchers, each having 1/1 in the READY column.


It can take several minutes for Connect to initialize and completely start.

5. If the deployment status is not correct, run ‘microk8s kubectl get pods -n <CONNECT_NAMESPACE>’ to check the status of the pods.

There should be 5 pods – amq, config-server, dispatcher, logagent, and logstore. All 5 pods start at the same time. The dispatcher and logagent require the config-server to be successfully running before they can complete a startup. The dispatcher and logagent will fail initially and will automatically restart. They will successfully start up once they can connect to the config-server.

If the pods fail to start, additional log information can be found by running the following:

microk8s kubectl logs <POD ID> -n <CONNECT_NAMESPACE> or

microk8s kubectl describe pod <POD ID> -n <CONNECT_NAMESPACE>

The <CONNECT_NAMESPACE> is the value set for CONNECT_NAMESPACE in the env.sh file.