Skip to main content

Scope here: How to use KOBIL Shift Operator "addons" feature to apply additional services on top of KOBIL Shift services

Overview

Standard KOBIL Shift deployment is using the default Shift "metaconfig" "values.yaml" covering all available default KOBIL Shift service configuration sections and parameter. To apply additional services into the KOBIL Shift deployment using the KOBIL Shift Operator the "addons" feature could be used. This will allow to add a service configuration section to the KOBIL Shift metaconfig "values.yaml" which is then processed by the KOBIL Shift Operator. Find this describe in the KOBIL Shift README (Section: ServiceGroup for additional helm charts).

Shift "addons" feature

Adding additional service declaration to KOBIL Shift metaconfig "values.yaml" ahead of the available default services could be done by using an "addons" section. When running the KOBIL Shift "helm install shift" this will create additional servicegroup resource in the KOBIL Shift targeted namespace which is then processed by the KOBIL Shift Operator functionality.

Sample Configuration:

addons:
  testdata-generator:
    version: 0.1.0
    enabled: true
    readycheck: true
    # specific repo
    repository: https://charts.testsample.com
    # testdata-consumer-endpoint
    baseUrl: "https://login.testing.com"

Configuration Demo for SSMS/Shift Migration router services:

Find here a configuration sample for the KOBIL Shift metaconfig - with added comments to explain specifics. Please add this as appropriate to the existing KOBIL Shift metaconfig file values-shift.yaml:

addons:
  ast_migration_router:
    global:
      annotations:
        # set this matching to the KOBIL Shift environment
        workload:
          ks.workload: shift-namespace
      labels:
        workloadPod:
          # set this matching to the KOBIL Shift environment
          ks.pod: shift-namespace
      routing:
        # matching the domain-name to KOBIL Shift service domain
        # set this matching to the KOBIL Shift environment
        domain: banking.testing.com
        istio:
          enabled: true
          gateways:
            # set this matching to the KOBIL Shift environment
            public: true
            external: true
            admin: true
          options:
            inject: true
            # set this matching to the KOBIL Shift environment
            gatewayNamePrefix: banking-shift
      podDisruptionBudget:
        enabled: true
 
    api:
      optionalApiGroups:
        mb: true
      security:
        openidConnect:
          baseUrl: 'http://<service-name-shift-idp-core>:80/auth'
    kafka:
      # verify external kafka setup from KOBIL Shift metaconfig
      bootstrapServers: 'kafka-cluster-kafka-bootstrap:9092'
    logging:
      level: DEBUG
      soapLevel: DEBUG
    database:
      host: db-postgres.testing.com
      port: 5432
      databaseName: <ast_migration_router_db>
      # DatabaseCredentialsSecret not possible
      auth:
        username: <ast_migration_router_db-username>
        password: <ast_migration_router_db-password>
    encryption:
      # database encryption is optional
      masterSecret:
        value: "<ast_migration_router_db-encryption-key>"
    rest:
      ast:
        clientManagementUrl: 'http://<service-name-astclientmanagement>'
        tmsUrl: 'http://<service-name-ast-tms>'
      idp:
        realms:
          - <banking-realm-name>
      mb:
        # Service-names for MB-chart-services
        activationCodeUrl: 'http://<service-name-mb-mb-activation-code>'
        bridgeUrl: 'http://<service-name-mb-mbbridge>'
        contractUrl: 'http://<service-name-mb-mbcontract>'
        letterUrl: 'http://<service-name-mb-mbletter>'
        pushUrl: 'http://<service-name-mb-mbpn>'
    router:
      tenantMapping:
        - shift: <banking-realm-name>
          ssms: <ssms-tenant-name>
      usernameTransformation: uppercase
    ssms:
      host: ssms.<ssmsbank.domain>
      soap:
        mgt:
          port: 443
          auth:
            # optional to make use of Secret ssms.soap.mgt.auth.existingSecretName
            tenants:
              <ssms-tenant-name>:
                operatorName: <operator-name>
                password: <operator-password>
        svc:
          port: 443
          auth:
            # optional to make use of Secret ssms.soap.svc.auth.existingSecretName
            tenants:
              <ssms-tenant-name>:
                portalId: <portal-user-name>
                sharedSecret: <portal-user-password>

Find here a configuration sample for the custom KOBIL MB-Chart metaconfig - with added comments to explain specifics. Please add this as appropriate to the existing KOBIL MB metaconfig file values-mb.yaml:

addons:
  mb_migration_router:
    global:
      annotations:
        workload:
          ks.workload: shift-namespace
      routing:
        # matching the domain-name to KOBIL Shift service domain
        # set this matching to the KOBIL Shift environment
        domain: banking.testing.com
        istio:
          enabled: true
          gateways:
            # set this matching to the KOBIL Shift environment 
            public: true
            external: true
            admin: true
          options:
            inject: true
            # set this matching to the KOBIL Shift environment 
            gatewayNamePrefix: banking-shift
      podDisruptionBudget:
        enabled: true