Network considerations
All the IBM TRIRIGA Application Suite network HTTPS endpoints are exposed using secure Openshift routes of reencrypt termination type.
The fully qualified domain name of TAS network endpoints has the form
<route-name>-<namespace>.<domain>
. If the
rt.domain field of the TAS instance is equal to default, then the
default subdomain of OCP cluster is used, and the routes are secured using the default
cluster certificate. If the rt.domain field is set to a custom domain, then you
need to provide a certificate able to secure the custom domain using a Kubernetes secret
of tls type. The ca.crt field of this secret can be left empty, but must
be present, while the tls.key and tls.crt fields are required. Ensure that
the DNS is correctly configured, in case of the adoption of a custom domain method.
All the IBM TRIRIGA Application Suite routes are annotated with a default timeout of 600 seconds (600s). This value can be overridden by using the optional attribute *spec.rt.timeout* of the custom resource, a string with the structure ```<timeout_value><time_unit>```, where ```<timeout_value>``` is any non-zero unsigned integer number and the supported ```<time_unit>``` are microseconds (us), milliseconds (ms), seconds (s), minutes (m), hours (h), or days (d).
<TAS-instance-name>-smtp-service
anymore. You must decide and
implement the process to expose the SMTP server endpoint required by the TRIRIGA Reserve
application and Microsoft® Exchange integration, based on the available networking
capabilities and in respect of the local security standards. For more information, to
publish outside the cluster, a non HTTP service look for Publishing Services. The selector needed to identify the
PODs implementing the TRIRIGA SMTP server endpoint is tas.ibm.com/smtp:
'<TAS-instance-name>
and the spec.ports
array of the
Service object must include the following item, independently of the chosen service
type:
- name: 'smtp'
protocol: TCP
port: <incoming-port>
targetPort: 1025
The integration between the TRIRIGA Reserve application and Microsoft® Exchange needs to
send the network traffic to port 25. You can set <incoming-port>
to 25, if the underlying network provider allows for network traffic to be directly sent
to your cluster on port 25. If this is not the case, then you need to establish port
address translation for incoming traffic on port 25 directed to your cluster, following
the processes and using the tools established by your underlying network provider. The
<incoming-port>
is the value agreed with your underlying
network provider.