SIPEnvironment custom resource manifest
SIPEnvironment is a primary custom resource that manages all the other custom
resources that are created through the IBM® Sterling Intelligent
Promising Operator.
Note: Do not modify the annotations that are prefixed
internal.SIPEnvironment full custom resource with default values
The following YAML file is a schema with all the parameters and default values supported by
SIPEnvironment custom resource.
Note: The commented parameters are optional for creating
SIPEnvironment.apiVersion: apps.sip.ibm.com/v1beta1
kind: SIPEnvironment
metadata:
name: ""
namespace: ""
# Annotation to skip check for ibm-entitlement-key secret:
apps.sip.ibm.com/skip-ibm-entitlement-key-check: 'yes'
# Annotation to check connectivity of external services:
apps.sip.ibm.com/validate-external-services-connections: 'true'
# Annotation to skip check for connectivity of external services:
apps.sip.ibm.com/skip-external-services-connection-validation: 'true'
spec:
license:
accept: true
environment: ""
multiDCEnabled: false
secret: ""
# serviceAccount: default
# upgradeStrategy: RollingUpdate
# tenantId: default
# UsePublicImageRegistry: true
storage:
name: ""
# accessMode: ReadWriteMany
# capacity: 10Gi
# storageClassName: default
# securityContext:
# fsGroup:
# supplementalGroups: []
# affinityAndTolerations:
# - name: ""
# affinity:
# <kubernetes-affinity-spec>
# tolerations:
# - <kubernetes-toleration-spec>
# security:
# ssl:
# trust:
# storeLocation: ""
# storeType: JKS
# trustJavaCACerts: true
# trustedCertDir:""
# additionalMounts:
# secrets:
# - defaultMode: 420
# mountPath: ""
# name: ""
# log:
# logChannels: CONSOLE
# logTopic: ""
# logLevel: INFO
image:
repository: ""
imagePullSecrets:
- name: ibm-entitlement-key
- name: my-private-registry-key1
- name: my-private-registry-key2
tag: ""
# pullPolicy: IfNotPresent
# omsGateway:
# tag: ""
# repository: ""
# pullPolicy: ""
# imageName: oms-gateway
# ivService:
# tag: ""
# repository: ""
# pullPolicy: ""
# appImageName: sip-iv-appserver
# backendImageName: sip-iv-backend
# onboardImageName: sip-iv-onboard
# promisingService:
# imageName: sip-promising
# pullPolicy: ""
# tag: ""
# repository:
# utilityService:
# repository: ""
# pullPolicy: ""
# catalog:
# tag: ""
# imageName: sip-catalog
# onboardImageName: sip-catalog-onboard
# pullPolicy: ""
# rules:
# tag: ""
# imageName: sip-rules
# onboardImageName: sip-rules-onboard
# pullPolicy: ""
# carrier:
# tag: ""
# onboardImageName: sip-carrier-onboard
# imageName: sip-carrier
# pullPolicy: ""
# audit:
# tag: ""
# imageName: sip-iv-audit
# onboardImageName: sip-iv-audit-onboard
# pullPolicy: ""
# search:
# tag: ""
# imageName: sip-search
# onboardImageName: sip-search-onboard
# pullPolicy: ""
# logstash:
# tag: ""
# imageName: sip-logstash
# pullPolicy: ""
# apiDocsService:
# tag: ""
# imageName: sip-api-docs
# repository: ""
# pullPolicy: ""
# sipUtils:
# tag: ""
# imageName: sip-utils
# repository: ""
# pullPolicy: ""
common:
ingress:
host: ""
# annotations: {}
# labels: {}
# className: ""
# skipDefaultAnnotations: false
# ssl:
# enabled: true
# identitySecretName: ""
# customDomains:
# - host: ""
# annotations: {}
# labels: {}
# className: ""
# skipDefaultAnnotations: false
# ssl:
# enabled: true
# identitySecretName: ""
# - host: ""
# annotations: {}
# labels: {}
# className: ""
# skipDefaultAnnotations: false
# ssl:
# enabled: true
# identitySecretName: ""
# pod:
# podLabels: {}
# podAnnotations: {}
networkPolicy:
<kubernetes-network-policy-spec>
externalServices:
cassandra:
keyspace: ""
# contactPoints: ""
# createDevInstance:
# resources:
# limits:
# cpu: '2'
# memory:9Gi
# requests:
# cpu: '1'
# memory: 3Gi
# storage:
# name: ""
# accessMode: ReadWriteMany
# capacity: 10Gi
# storageClassName: default
# securityContext:
# fsGroup:
# supplementalGroups: []
# affinityAndTolerations: ""
kafka:
# contactPoints: ""
# topicPrefix: "sip"
# mirrorTopicPrefix: ""
# crossDCTopicPrefix: ""
# zookeeperContactPoints: ""
# loggingContactPoints: ""
# createDevInstance:
# resources:
# limits:
# cpu: '1'
# memory: 1Gi
# requests:
# cpu: '0.1'
# memory: 1.5Gi
# storage:
# name: ""
# accessMode: ReadWriteMany
# capacity: 10Gi
# storageClassName: default
# securityContext:
# fsGroup:
# supplementalGroups: []
# affinityAndTolerations: ""
elasticSearch:
# contactPoints: ""
# replicationEnabled: false
# createDevInstance:
# resources:
# limits:
# cpu: '1'
# memory: 1Gi
# requests:
# cpu: '0.1'
# memory: 1.5Gi
# affinityAndTolerations: ""
# storage:
# name: ""
# accessMode: ReadWriteMany
# capacity: 10Gi
# storageClassName: default
# securityContext:
# fsGroup:
# supplementalGroups: []
# configuration:
# ssl_cassandra_disable: ""
# ssl_elasticsearch_disable: ""
# ssl_kafka_disable: ""
# ssl_Logging_kafka_disable: ""
# mongoDB:
# createDevInstance:
# resources:
# limits:
# cpu: '3'
# memory: 10000Mi
# requests:
# cpu: '1'
# memory: 3000Mi
# storage:
# name: ""
# accessMode: ReadWriteMany
# capacity: 10Gi
# storageClassName: default
# securityContext:
# fsGroup:
# supplementalGroups: []
# affinityAndTolerations: ""
# replicationEnabled: false
# utilityService:
# serviceGroup: ""
# promisingService:
# serviceGroup: ""
# ivService:
# serviceGroup: ""
# optimizerService:
# serviceGroup: ""
# apiDocsService: {}
# serverProperties:
# envVars:
# - groupName: ""
# propertyList: {}
# propertyRef:
# - name: ""
# valueFrom:
# configMapKeyRef:
# key: ""
# name: ""
# optional:
# fieldRef:
# apiVersion: ""
# fieldPath: ""
# resourceFieldRef:
# containerName: ""
# divisor: "1"
# resource: ""
# secretKeyRef:
# key: ""
# name: ""
# optional:
# propertyFrom:
# - prefix: ""
# configMapRef:
# name: ""
# optional: ""
# - prefix: ""
# secretRef:
# name: ""
# optional: ""
# derivatives: []
# jvmArgs:
# - groupName: ""
# propertyList:
# - ""
# derivatives: []
omsGateway:
# issuerSecret: ""
# skipAuthentication: false
# workerPoolSize: 100
# sslEnabled: true
# identitySecretName: <TLS_certificate_name>
# logLevel: INFO
# replicas: ""
# resources:
# limits:
# cpu: '2'
# memory:500Mi
# requests:
# cpu: '1'
# memory: 3000Mi
# webClient:
# connectTimeout: 30000
# keepAlive: true
# keepAliveTimeout: 60
# logActivity: false
# maxPoolSize: 10
# requestTimeout: 30000
# trustAll: false
# verifyHost: true
# cors:
# enabled: true
# allowedOrigins: '*'
# deltaHeaders: ''
# deltaMethods: ''
# exposedHeaders: ''
# allowCredentials: true
# affinityAndTolerations: ""SIPEnvironment custom resource with mandatory parameters
The following YAML file is a schema with all the mandatory parameters and sample values.
Note: The values in the YAML are provided for demonstration purpose only and it must me
updated as needed. Ensure to replace
<sip-namespace> , <sip-secret>,
<sip-oms-gateway-issuer-secret>, <comma separated list of https://domain:port>,
<public-domain.mycluster.com>, <ingress-cert>, <container_registry> with valid
values.apiVersion: apps.sip.ibm.com/v1beta1
kind: SIPEnvironment
metadata:
name: sip
namespace: <sip_installation_namespace>
annotations:
# Use the following annotation to skip the check for ibm-entitlement-key secret.
apps.sip.ibm.com/skip-ibm-entitlement-key-check: 'yes'
spec:
license:
accept: true
secret: <sip-secret>
serviceAccount: default
upgradeStrategy: RollingUpdate
UsePublicImageRegistry: true
# This networkPolicy is most open and hence least secure. You have been warned!
networkPolicy:
podSelector:
matchLabels:
none: none
policyTypes:
- Ingress
ivService:
serviceGroup: dev
promisingService:
serviceGroup: dev
utilityService:
serviceGroup: dev
apiDocsService: {}
omsGateway:
issuerSecret: <sip-oms-gateway-issuer-secret>
replicas: 1
cors:
allowedOrigins: <comma separated list of https://domain:port>
externalServices:
cassandra:
createDevInstance:
resources:
limits:
cpu: '3'
memory: 8000Mi
requests:
cpu: '1'
memory: 5000Mi
keyspace: inventory_visibility_ks
elasticSearch:
createDevInstance: {}
kafka:
createDevInstance: {}
common:
ingress:
host: <public-domain.mycluster.com>
ssl:
enabled: true
identitySecretName: <ingress-cert>
image:
imagePullSecrets:
- name: ibm-entitlement-key
- name: <my-private-registry-key1>
repository: <container_registry>
tag: <release_tag>
# The given YAML is an example to create a PV. Hence, do not use it as is. To create your own PV, see Persistent Volumes in Kubernetes documentation.
storage:
accessMode: ReadWriteMany
capacity: 40Gi
name: sip-storage
storageClassName: defaultNote: For more information about the parameters, see SIPEnvironment custom resource parameters.