Versions Compared

Version Old Version 3 New Version Current
Changes made by

Akin Laseinde (Deactivated)

Akin Laseinde (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

External access

Agility needs access to the following public endpoints in order to work

External service

Protocol/Port

External host (IP/subnet)

iad.ocir.io

HTTPS tcp/443

https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json
'.regions[] | select(.region=="us-ashburn-1") | .cidrs[].cidr'

central-monitoring.b-yond.com

HTTPS tcp/443

agility-central.b-yond.com

HTTPS tcp/443

AWS S3 us-west-2

HTTPS tcp/443

https://ip-ranges.amazonaws.com/ip-ranges.json
'.prefixes[] | select(.service=="S3" and .region=="us-west-2") .ip_prefix'

HTTP Proxy configuration

If the network where AGILITY is running requires an HTTP proxy setup to access Internet, follow these instructions:

Deploy the AGILITY application Services chart

  1. Create an override values file (options available in the AGILITY chart):

    Code Block
    languagebash
    cd agility-charts
vi agility-services-values-overrides.yaml

    Update cvagility-operator.env.manager.httpProxy options

    cv:
    Code Block
    languageyaml
    agility-operator:
  env:
    manager:
      httpProxy:
        httpProxy: <http<<http://example.com:3128>3128>>
        httpsProxy: <http<<http://example.com:3128>3128>>
        noProxy: <10.0.0.0/8,172.16.0.0/12,192.168.0.0/16>

    • httpProxy: HTTP Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.

    • httpsProxy: HTTPS Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.

    • noProxy: No Proxy setting, comma separated list of network addresses and/or domain names.

    Run the Helm command to deploy AGILITY:

    Code Blockhelm --namespace agility upgrade --install --create-namespace agility ./agility --values

    noProxy should at least include the Kubernetes Services network address.

    For example, if the Kubernetes Services network address is 10.43.0.0/16. Then, the values should looks like:

    Code Block
    languageyaml
    agility-operator:
  env:
    manager:
      httpProxy:
        httpProxy: <http://example.com:3128>
        httpsProxy: <http://example.com:3128>
        noProxy: 10.43.0.0/16

Deploy the AGILITY application chart

  1. Create an override values file (options available in the AGILITY chart):

    Code Block
    languagebash
    cd agility-charts
vi agility-values-overrides.yaml

    Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column Update cv.httpProxy options

    Code Block
    languageyaml
    cv:
  httpProxy:
    httpProxy: <<http://example.com:3128>>
    httpsProxy: <<http://example.com:3128>>
    noProxy: <10.0.0.0/8,172.16.0.0/12,192.168.0.0/16>

    • httpProxy: HTTP Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.

    • httpsProxy: HTTPS Proxy setting, with URL format. Regular expression: ^https?:\\/\\/.+$.

    • noProxy: No Proxy setting, comma separated list of network addresses and/or domain names.

Disable remote monitoring (central-monitoring.b-yond.com) and data report (AWS bucket)

...

  1. Create an override values file (options available in the AGILITY chart):

    Code Block
    languagebash
    cd agility-charts
vi agility-values-overrides.yaml

    Update cv.agilityOpenTelemetry.settings.remote.enabled and cv.settings.sharePcapInformation options

    Code Block
    languageyaml
    cv:
  settings:
    sharePcapInformation: false
  agilityOpenTelemetry:
    settings:
      remote:
        enabled: false

    Run the Helm command to deploy AGILITY:

    code
    helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
    Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.
Enable customer monitoring
...
  1. Create an override values file (options available in the AGILITY chart):
     Code Block
    languagebash
    cd agility-charts
vi agility-values-overrides.yaml
     Update cv.agilityOpenTelemetry.settings.customer options
     Code Block
    languageyaml
    cv:
  agilityOpenTelemetry:
    settings:
      customer:
        enabled: true
        endpoint: <customer-endpoint>
        tlsInsecure: false
        tlsSecret:
          name: <customer-kubernetes-secret>
        useHttps: true
     Complete based on the following options:
    • enabled: <boolean> -required-
      • Enables a customer to route Agility data to a compliant Open Telemetry collector. Default value: false
    • endpoint: <string> -required-
      • URL Endpoint where to send OpenTelemetry data. If useHttps is true, ensure to match the following pattern: ^https?:\\/\\/.+$. For example: https://example.com. If useHttps is false, ensure to match the following pattern: ^.*:[0-9]+$. For example: example.com:4317
    • tlsInsecure: <boolean>
      • Do not validate TLS certificate
    • tlsSecret: <Object>
      • The secret containing the Certificates and Key to encrypt OpenTelemetry traffic will need to contain the TLS certificate, TLS key and TLS certificate authority with the data keys set to tls.crt, tls.key and http://tls.ca , respectively. It will then be mounted as a volume projection to the '/tmp/oteltls' directory. For more information on Kubernetes secret projections, please see <https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths >. NOTE: If tlsInsecure is true, this value will be ignored.
    • useHttps: <boolean>
      • Use HTTPS protocol instead of gRPC protocol. Default value: true
    Run the Helm command to deploy AGILITY:
     Code Block
    helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
    Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.