Jump to: navigation, search

Recommendations

The recommendations in this topic apply only to Kubernetes.

Ingress

CX Contact UI requires Session Stickiness. Use ingress-nginx as the ingress controller (https://github.com/kubernetes/ingress-nginx).

Important
CX Contact helm chart contains default annotations for session stickiness only for ingress-nginx. If you are using a different ingress controller, refer to its documentation for session stickiness configuration.

Ingress SSL

Starting from Chrome 80, the SameSite cookie must have the Secure flag (https://blog.chromium.org/2020/02/samesite-cookie-changes-in-february.html). Therefore, it is highly recommended that you configure a valid SSL certificate on ingress.

Logging

Log rotation is required so that logs do not consume all of the available storage on the node.

Kubernetes is currently not responsible for rotating logs. Log rotation can be handled by the docker json-file log driver by setting the max-file and max-size options.

For effective troubleshooting, the engineering team should provide stdout logs of the pods (using the command kubectl logs). As a result, log retention will not be very aggressive (https://docs.docker.com/config/containers/logging/json-file/#examples). For example:

{
  “log-driver”: “json-file”,
  “log-opts”: {
    “max-size”: “100m”,
   “max-file”: “3” 
  }
}

For on-site debugging purposes, CX Contact logs can be collected and stored in Elasticsearch. (For example, EFK stack https://medium.com/avmconsulting-blog/how-to-deploy-an-efk-stack-to-kubernetes-ebc1b539d063).

Monitoring

CX Contact provides metrics that can be consumed by Prometheus and Grafana. It is recommended to have the Prometheus Operator (https://github.com/prometheus-operator/prometheus-operator) installed in the cluster. CX Contact helm chart supports the creation of CustomResourceDefinitions that can be consumed by the Prometheus Operator.

Shared Filesystem

The Kubernetes cluster must support ReadWriteMany Persistent Volumes. To support ReadWriteMany Persistent Volumes, use the NFS server configured outside the cluster or via container (https://github.com/kubernetes/examples/tree/master/staging/volumes/nfs). Containers run as a Genesys user (uid:gid 500:500). Therefore, shared volume must have permissions that allow write access to uid:gid 500:500.

This page was last edited on April 23, 2021, at 18:46.
Comments or questions about this documentation? Contact us for support!