Network considerations
IBM® TRIRIGA® Application Suite network HTTPS endpoints are exposed by using secure Red Hat®
OpenShift® routes of reencrypt
termination type.
The fully qualified domain name of TRIRIGA Application Suite network endpoints has
the form <route-name>-<namespace>.<domain>
. If the
rt.domain
field of the TRIRIGA Application Suite instance is equal to
default
, then the default subdomain of Red Hat
OpenShift Container Platform cluster
is used, and the routes are secured by using the default cluster certificate. If the
rt.domain
field is set to a custom domain, then you need to provide a certificate
able to secure the custom domain with a Kubernetes secret of tls
type. The
ca.crt
field of this secret can be left empty, but must be present, while the
tls.key
and tls.crt
fields are required. Ensure that the DNS is
correctly configured, in case of the adoption of a custom domain method.
All the TRIRIGA Application Suite routes are annotated with a default timeout of 600
seconds (600s). This value can be overridden by using the optional attribute
*spec.rt.timeout*
of the custom resource, a string with the structure
```<timeout_value><time_unit>```, where ```<timeout_value>``` is any nonzero unsigned
integer number and the supported ```<time_unit>``` are microseconds (us), milliseconds (ms),
seconds (s), minutes (m), hours (h), or days (d).
<TAS-instance-name>-smtp-service
. Decide and implement the
process to expose the SMTP server endpoint required by the TRIRIGA Reserve application and Microsoft Exchange integration, based on the available networking
capabilities and in respect of the local security standards. For more information, to publish
outside the cluster, a non-HTTP service look for Publishing Services. The selector needed to identify the PODs implementing
the TRIRIGA SMTP server endpoint is tas.ibm.com/smtp:
'<TAS-instance-name>
and the spec.ports
array of the Service object
must include the following item, independently of the chosen service
type:
- name: 'smtp'
protocol: TCP
port: <incoming-port>
targetPort: 1025
The integration between the TRIRIGA Reserve
application and Microsoft Exchange needs to send the network traffic to port 25. You can set
<incoming-port>
to 25, if the underlying network provider allows for network
traffic to be directly sent to your cluster on port 25. If this is not the case, then you need to
establish port address translation for incoming traffic on port 25 directed to your cluster,
following the processes and using the tools established by your underlying network provider. The
<incoming-port>
is the value agreed with your underlying network
provider.