omsGateway parameter

Use omsGateway to manage replica counts, worker pool size, cors (Cross-Origin Resource Sharing) settings and more, for OMS Gateway service.

The following YAML snippet is a sample schema of omsGateway:
  omsGateway:
    # property:
      # envVars: oms_gateway_envvars
      # jvmArgs: oms_gateway_jvmargs
    # issuerSecret: ""
    # skipAuthentication: false
    # workerPoolSize: 100
    # sslEnabled: true
    # identitySecretName: <TLS_certificate_name>
    # logLevel: INFO
    # topology: {}
    # replicas: ""
    # resources:
      # limits:
        # cpu: '2'
        # memory:500Mi
      # requests:
        # cpu: '1'
        # memory: 3000Mi 
    # webClient:
      # connectTimeout: 30000
      # keepAlive: true
      # keepAliveTimeout: 60
      # logActivity: false
      # maxPoolSize: 10
      # requestTimeout: 60000
      # trustAll: false
      # verifyHost: true 
    # cors:
      # enabled: true
      # allowedOrigins: '*'
      # deltaHeaders: ''
      # deltaMethods: ''
      # exposedHeaders: ''
      # allowCredentials: true 
    # affinityAndTolerations: ""
    # horizontalPodAutoscaler: ""
    # common: 
      # pod:
        # podAnnotations: {}
        # podLabels: {}
The following table explains the properties applicable for omsGateway.
Table 1. Properties of omsGateway
Property Default value Value type Required Description
affinityAndTolerations string No Use the name of the affinityAndTolerations that is defined in the SIPEnvironment.
horizontalPodAutoscaler string No Specify the name of the pre-defined Horizontal Pod Autoscaler that is to be used. For more information, see horizontalPodAutoscalers parameter.
issuerSecret   string No Specify the name of the JWT issuer secret. For more information, see Creating a JWT issuer secret by using a public key.
property.envVars   string No Use the name of envVars from attribute serverProperties.envVars[].groupName or serverProperties.envVars[].derivatives[].groupName.
property.jvmArgs   string No Use the name of jvmArgs from attribute serverProperties.jvmArgs[].groupName or serverProperties.jvmArgs[].derivatives[].groupName.
skipAuthentication false boolean No Specify skipAuthentication to skip authentication on incoming requests in the OMS Gateway. You are expected to send a pre-authenticated request. If skipAuthentication is set to true, configuring issuerSecret is not required.

When you change the value of skipAuthentication, ensure that you restart the deployment for the changes to take effect.

The routing rules (API definitions) are handled the same way regardless of the value of skipAuthentication. The OMS Gateway API semantics for handling request and response remains unaffected.
identitySecretName   string No Specify the name of the secret that holds the custom TLS certificate. If it is not specified and sslEnabled is true, the Operator generates a self-signed certificate. For more information, see Custom TLS certificate configuration in OMS Gateway.
sslEnabled true boolean No Specify sslEnabled to enable or disable SSL in omsGateway.
workerPoolSize 100 string No Specify the number of worker threads for JWT verifier service.
logLevel INFO string No Specify the logging level for JWT verifier service. Available options are OFF, FATAL, ERROR, WARN, INFO, DEBUG,TRACE, ALL.
replicas 1 integer No Specify the number of replicas for JWT verifier service.
resources object No Specify the CPU and memory resource requests and limits. For more information, see Resource management for pods and containers.
topology array No Specify the names of the Topology Spread Constraints that are to be used for the server. For example, topology: [constraint1, constraint2].

The topology defined in the servers or in the jobs takes precedence over the one defined in the individual service groups.

For more information, see Examples to call Topology Spread Constraints from servers.
webClient   object No Specify the web client properties as explained in webClient parameter.
cors   object No Specify the Cross Origin Resource Sharing (CORS) customization properties as explained in cors parameter.
common       Specify the pod annotations and labels. For more information, see common parameter.

webClient parameter

Table 2. Properties of webClient
Property Default value Value type Required Description
connectTimeout 30000 integer No Specify the connect timeout in milliseconds.
keepAlive true boolean No Set the connection keep alive value.
keepAliveTimeout 60 integer No Specify the keep alive timeout in seconds.
logActivity false boolean No Specify whether to log web client activity.
maxPoolSize 10 integer No Specify the maximum pool size for web client connections.
requestTimeout 60000 integer No Specify the request timeout for web client requests.
trustAll false boolean No Specify whether to trust all web client connections.
verifyHost true boolean No Specify if web client should verify connections.

cors parameter

Table 3. Properties of cors
Property Default value Value type Required Description
enabled true boolean No Specify whether CORS feature is enabled.
allowedOrigins ‘*’ string No Specify the list of comma separated allowed origins for CORS.
deltaHeaders   string No Specify the list of additional HTTP headers to be allowed by CORS.
deltaMethods   string No Specify the list of additional HTTP methods to be allowed by CORS.
exposedHeaders   string No Specify the comma separated list of headers to be exposed by CORS.
allowCredentials true boolean No Specify whether the credentials are allowed by CORS.

common parameter

Table 4. Properties of common
Property Default value Value type Required Description
pod.podAnnotations   object No Specify any additional annotations for pod or deployment as a key-value pair.
pod.podLabels   object No Specify any additional labels for pod or deployment as a key-value pair.
Remember: Do not override the following three labels, as they are internally used by the Operator.
  • app
  • type
  • internal.sip.ibm.com/apps