External access

Agility needs access to the following public endpoints in order to work

External service	Protocol/Port	External host (IP/subnet)
iad.ocir.io	`HTTPS tcp/443`	https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json '.regions[] \| select(.region=="us-ashburn-1") \| .cidrs[].cidr'
central-monitoring.b-yond.com	`HTTPS tcp/443`
agility-central.b-yond.com	`HTTPS tcp/443`
AWS S3 us-west-2	`HTTPS tcp/443`	https://ip-ranges.amazonaws.com/ip-ranges.json '.prefixes[] \| select(.service=="S3" and .region=="us-west-2") .ip_prefix'

HTTP Proxy configuration

If the network where AGILITY is running requires an HTTP proxy setup to access Internet, follow these instructions:

Deploy the AGILITY application Services chart

Create an override values file (options available in the AGILITY chart):

Code Block

language	bash

cd agility-charts
vi agility-services-values-overrides.yaml

Update cvagility-operator.env.manager.httpProxy options

cv:

Code Block

language	yaml

agility-operator:
  env:
    manager:
      httpProxy:
        httpProxy: <http<<http://example.com:3128>3128>>
        httpsProxy: <http<<http://example.com:3128>3128>>
        noProxy: <10.0.0.0/8,172.16.0.0/12,192.168.0.0/16>

httpProxy: HTTP Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.
httpsProxy: HTTPS Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.
noProxy: No Proxy setting, comma separated list of network addresses and/or domain names.

Run the Helm command to deploy AGILITY:

Code Blockhelm --namespace agility upgrade --install --create-namespace agility ./agility --values

.

noProxy should at least include the Kubernetes Services network address.

For example, if the Kubernetes Services network address is 10.43.0.0/16. Then, the values should looks like:

Code Block

language	yaml

agility-operator:
  env:
    manager:
      httpProxy:
        httpProxy: <http://example.com:3128>
        httpsProxy: <http://example.com:3128>
        noProxy: 10.43.0.0/16

Deploy the AGILITY application chart

Create an override values file (options available in the AGILITY chart):
Code Block
language bash
cd agility-charts vi agility-values-overrides.yaml
Update cv.httpProxy options
Code Block
language yaml
Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column
cv: httpProxy: httpProxy: <<http://example.com:3128>> httpsProxy: <<http://example.com:3128>> noProxy: <10.0.0.0/8,172.16.0.0/12,192.168.0.0/16>
- httpProxy: HTTP Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.
- httpsProxy: HTTPS Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.
- noProxy: No Proxy setting, comma separated list of network addresses and/or domain names.

Disable remote monitoring (central-monitoring.b-yond.com) and data report (AWS bucket)

AGILITY sends anonymous usage data collection to B-Yond. This can be disabled following these instructions:

...

Create an override values file (options available in the AGILITY chart):
Code Block
language bash
cd agility-charts vi agility-values-overrides.yaml
Update cv.agilityOpenTelemetry.settings.remote.enabled option and cv.settings.sharePcapInformation options
Code Block
language yaml
cv: agilityOpenTelemetrysettings: settingssharePcapInformation: false agilityOpenTelemetry: remote: settings: enabledremote: false
Run the Helm command to deploy AGILITY:
Code Block
helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.
enabled: false

Enable customer monitoring

...

Create an override values file (options available in the AGILITY chart):

Code Block

language	bash

cd agility-charts
vi agility-values-overrides.yaml

Update cv.agilityOpenTelemetry.settings.customer options

Code Block

language	yaml

cv:
  agilityOpenTelemetry:
    settings:
      customer:
        enabled: true
        endpoint: <customer-endpoint>
        tlsInsecure: false
        tlsSecret:
          name: <customer-kubernetes-secret>
        useHttps: true

Complete based on the following options:

enabled: <boolean> -required-
- Enables a customer to route Agility data to a compliant Open Telemetry collector. Default value: false
endpoint: <string> -required-
- URL Endpoint where to send OpenTelemetry data. If useHttps is true, ensure to match the following pattern: ^https?:\\/\\/.+$. For example: https://example.com. If useHttps is false, ensure to match the following pattern: ^.*:[0-9]+$. For example: example.com:4317
tlsInsecure: <boolean>
- Do not validate TLS certificate
tlsSecret: <Object>
- The secret containing the Certificates and Key to encrypt OpenTelemetry traffic will need to contain the TLS certificate, TLS key and TLS certificate authority with the data keys set to tls.crt, tls.key and http://tls.ca , respectively. It will then be mounted as a volume projection to the '/tmp/oteltls' directory. For more information on Kubernetes secret projections, please see <https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths >. NOTE: If tlsInsecure is true, this value will be ignored.
useHttps: <boolean>
- Use HTTPS protocol instead of gRPC protocol. Default value: true

Run the Helm command to deploy AGILITY:

Code Block
helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml

Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

Version	Old Version 2	New Version Current
Changes made by	Akin Laseinde (Deactivated)	Akin Laseinde (Deactivated)
Saved on	Aug 23, 2024	Nov 07, 2024

Page Comparison

Versions Compared

Key

External access

HTTP Proxy configuration

Disable remote monitoring (central-monitoring.b-yond.com) and data report (AWS bucket)

Enable customer monitoring