-
Edit the ../../helm/connect/values.yaml and set the values as listed in the following table.
-
Some settings in the values.yaml are not documented and it is not recommended to change them unless working with EcoSys Support.
-
The table uses a notation to describe the settings inside the yaml file using a hierarchy. For example, see the following section of the values.yaml file
When describing the url settings under the database section, the following table will use the hierarchy database.url.
Key
Setting
types
Defines the types of deployments and services node affinity. These settings should not be edited.
deployment.id
This setting in the values.yaml file will automatically be updated to the DEPLOYMENT_ID from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.
deployment.target
This setting in the values.yaml file will automatically be updated to the DEPLOYMENT_TARGET from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.
deployment.size
This setting in the values.yaml file will automatically be updated to the SIZE from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.
deployment.production
This setting in the values.yaml file will automatically be updated to the PRODUCTION from the env.sh script when the installation scripts are executed. This value should not be manually changed in the values.yaml file.
imagePullSecrets
Variable to store the secret that is used by the deployment.
The value in the values.yaml must match the setting in the env.sh
Default: regcred
database.type
Database type for the Connect configuration DB
Supported values:
sql server
oracle
database.version
Database version for the Connect configuration DB
For oracle - 18.3.x | 19.3.x | 19.6.x | 19.7.x
For sql server - 'Blank'
database.url
Connection string for the Connect configuration DB
For oracle - jdbc:oracle:thin:@<host>:<port>/<SID>
For sql server - jdbc:sqlserver://<host>:<port>;database=<dbname>
database.username
Connect database username
Default: ecuser
dispatcher.config.name
Name of the configuration file that contains the dispatcher settings. The file must have the .properties extension but the setting should not specify it.
Example: If the property file is connectDispatcher.properties, the setting is set to connectDispatcherDefault: connectDispatcher
dispatcher.config.label
Can be used to override the branch in GIT that the dispatcher uses for configuration.
If not set, the value from configServer.label is used
dispatcher.security.ecosysUrl
The URL to the EcoSys Instance that Connect will be launched from
Example: https://ecosys-host:port/ecosys
dispatcher.security.jwksUrl
The JWKS URL for token verification, provided by OAuth token Provider such as Okta or Keycloak
dispatcher.security.tokenScope
The Token Scope for the token provide
agent.workQueueName
The Connect Queue that the agent will listen to work on.
Default: connectQueue
agent.config.name
Name of the configuration file that contains the agent settings. The file must have the .properties extension but the setting should not specify it.
Example: The property file is connectAgent.properties, the setting is set to connectAgentDefault: connectAgent
agent.config.label
Can be used to override the branch in GIT that the agent uses for configuration.
If not set, the value from configServer.label is used.
datastore.isNative
Controls if a local Mongo DB is used as the datastore by the Agent.
Currently, only the local Mongo DB is supported as the datastore
Default: true
datastore.url
Not currently supported
datastore.dbUsername
The username to access the Data Store
When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.
datastore.dbBackupUsername
The backup username to access the Data Store
When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.
logagent.config.name
Name of the configuration file that contains the logagent settings. The file must have the .properties extension but the setting should not specify it.
Example: The property file is connectLogAgent.properties, the setting is set to connectLogAgent
Default: connectLogAgent
logagent.label
Can be used to override the branch in GIT that the logagent uses for configuration.
If not set, the value from configServer.label is used.
logstore.isNative
Controls if a local Mongo DB is used as the datastore by the LogAgent.
Currently, only the local Mongo DB is supported as the datastore for the Log Store
Default: true
logstore.url
Not currently supported
logstore.dbUsername
The username to access the Log Store
When isNative=true, this is the user that will be created in the local Log Store when it is provisioned. This is a username the installer sets.
logstore.dbBackupUsername
The backup username to access the Log Store
When isNative=true, this is the user that will be created in the local datastore when the datastore is provisioned. This is a username the installer sets.
amq.systemEncPassword
During the installation of amq, a ‘system’ user will be created. The amq.systemEncPassword is required to set the password for this user.
The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.
For more information on how to encrypt the password, see Encrypting Passwords
amq.ecuser.encPassword
During the installation of amq, a ‘ecuser user will be created. The amq.ecuser.encPassword is required to set the password for this user.
The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.
For more information on how to encrypt the password, see Encrypting Passwords
amq.ecuser.ciphertext
This is the same password used in the amq.ecuser.encPassword but encrypted for Connect.
The password needs to be encrypted in the ‘Connect’ format using the Encrypt Password screen in EcoSys
For more information on how to encrypt the password, see Encrypting Passwords
amq.ecdebugEncPassword
During the installation of amq a ‘ecdebug’ user will be created. The amq.encdebugEncPassword is required to set the password for this user.
The password needs to be encrypted in the ‘amq’ format using the Encrypt Password screen in EcoSys.
For more information on how to encrypt the password, see Encrypting Passwords
configServer.label
Sets what branch from GIT to use to retrieve the configuration files from
For example, If the files are in main, this would be set to main. If the files are in a branch called Test, this would be set to Test
configServer.username
Username to be created when the config server is deployed. This is a username the installer sets.
configServer.gitUri
The connection string to the GIT Repository containing the Connect Properties files
configServer.gitUserName
The username to use to connect to the GIT Repository
configTopicName
This name is used to create a Topic in the Service Bus that is used for configuration updates
azureApplicationInsights.connectionString
Azure Application Insights connection string
See Create an instance of Application Insights in the Azure PortalIt is optional for Microk8s installations
servicebus.connectionString
Azure Service Bus connection string
Not currently supported
host.name
The FQDN that will be used to access connect
Example: Connect.company.com
host.ip
The public IP address of the Linux host
hostAliases
The hostAliases section is used to insert entries into the hosts files of the containers. This is done for machines that the cluster (cluster that does not have proper DNS entries on your network) needs to access. Each entry requires an ‘alias’ and ‘ip’ setting.
Example :
alias: machineNoDNS.company.com
IP: 1.2.3.4
tls.enable
Enables secure communication, default is true
tls.isSelfSigned
true|false – Only set to true if a Self-Signed certificate is being used.
istioNameSpace
The namespace that Istio was installed into.
Default: istio-system
timeZone
Used to set the time zone in each container using Jave TimeZone IDs
Example: America/New_YorkFor each component there are few sections with mem/cpu settings, it is not recommended to change these setting unless working with Hexagon support. The appropriate settings are used based on the production type, deployment target, and production setting.
-
-
After editing the settings, If you are using TLS, copy your TLS certificate and Key files into the helm/connect/config directory.
The certificate must be in a file named tls.crt and the key must be in a file named tls.key.
-
Run the ‘./install-connect.sh <parameters>’ to install the Connect Platform. The following are the required parameters:
<config-server-password> - the password used when the Config Server user is created-
<git-password> - the Git password for the Git repository that contains the configuration file.
-
<database-password> - the database password that Connect will use
-
<activemq-encryption-passphrase> - the passphrase that ActiveMQ uses for Password-based Encryption
-
<ecosys-passphrase> - the passphrase that EcoSys uses for Password-based Encryption
-
<connect-passphrase> - the passphrase that Connect will use for Password-based Encryption
-
<logstore-db-password> - the password used when creating the admin user for the LogStore
-
<logstore-backup-password> - the password used when creating the backup user for LogStore
-
If a parameter has an empty or blank value, use "" as the parameter.
-
Most EcoSys installations do not have an explicit ecosys-passphrase. In such case, the parameter for the installation must be set to "".
-
When the install-connect.sh completes it will display a message of ‘STATUS: deployed’.
-
The script deploys Connect into the Kubernetes Cluster.
-
-
4. To determine if Connect has started successfully, run ‘microk8s kubectl get deployments -n <CONNECT_NAMESPACE>’
There should be a total of 5 deployments – logstore, config-server, amq, logagent, and dispatchers, each having 1/1 in the READY column.
It can take several minutes for Connect to initialize and completely start.
5. If the deployment status is not correct, run ‘microk8s kubectl get pods -n <CONNECT_NAMESPACE>’ to check the status of the pods.
There should be 5 pods – amq, config-server, dispatcher, logagent, and logstore. All 5 pods start at the same time. The dispatcher and logagent require the config-server to be successfully running before they can complete a startup. The dispatcher and logagent will fail initially and will automatically restart. They will successfully start up once they can connect to the config-server.
If the pods fail to start, additional log information can be found by running the following:
microk8s kubectl logs <POD ID> -n <CONNECT_NAMESPACE> or
microk8s kubectl describe pod <POD ID> -n <CONNECT_NAMESPACE>
The <CONNECT_NAMESPACE> is the value set for CONNECT_NAMESPACE in the env.sh file.