You can deploy the SOAtest and Virtualize server (or SOAVirt server) manually or using a Helm chart.
Deploying the SOAVirt Server in Kubernetes Manually
To deploy the SOAVirt server in Kubernetes, follow the process outlined below.
Prerequisites
First, create a namespace for the SOAVirt server to run in. For example:
kubectl create namespace parasoft-sv-namespace
Note: The namespace name "parasoft-sv-namespace" is used throughout this documentation in command and resource examples. If you use a different name for your namespace, be sure to change any instances of "parasoft-sv-namespace" in those examples to your namespace name.
Once the SOAVirt server has been licensed, deleting the namespace will invalidate machine-locked licenses, even if you recreate the same namespace.
Next, a Persistent Volume and a Persistent Volume claim are needed. Create a Persistent Volume that can be shared by multiple nodes. It should be provisioned with 300GB of space and must have the ReadWriteMany access mode. This space will be used for the workspace of the SOAVirt server and will store configuration settings as well as Virtual Assets.
The default Persistent Volume Claim name is 'soavirt-pvc' and can be customized by updating the yaml definition of the SOAVirt server. The example shown below is a configuration to set up an NFS Persistent Volume and Persistent Volume Claim. While the example uses NFS, this is not required; use whatever persistent volume type fits your needs.
Warning: The volume must have permissions for the Parasoft user to be able to read and write to the volume. For example, execute the command chown 1000:0 <shared_path>.
apiVersion: v1 kind: PersistentVolume metadata: name: nfs-pv namespace: parasoft-sv-namespace spec: capacity: storage: 300Gi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain storageClassName: nfs mountOptions: - hard - nfsvers=4.1 nfs: path: <path> server: <ip_address> --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: soavirt-pvc namespace: parasoft-sv-namespace spec: storageClassName: nfs accessModes: - ReadWriteMany resources: requests: storage: 300Gi
Use the yaml file to create a Persistent Volume and a Persistent Volume claim:
kubectl create -f soavirt-pv.yaml
SOAVirt setup
Create the service that can be used to access SOAVirt server in Kubernetes. The example shown below exposes it using a node port, which provides a stable endpoint for applications to access Virtual Assets.
kind: Service apiVersion: v1 metadata: name: soavirt-service namespace: parasoft-sv-namespace spec: selector: tag: soavirt type: NodePort ports: - name: http protocol: TCP port: 9080 targetPort: 9080 nodePort: 30080 - name: events protocol: TCP port: 9617 targetPort: 9617 nodePort: 30617 - name: statistics protocol: TCP port: 9618 targetPort: 9618 nodePort: 30618
Use the yaml file to create service that can be used to access SOAVirt server in Kubernetes:
kubectl create -f soavirt-service.yaml
Optional for Ingress users: To expose the service with Ingress, the following rule can be used with some modifications based on your Ingress setup. Be aware that Events and Statistics require TCP connections which may not be supported by all Ingress Controllers.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: soavirt-ingress
namespace: parasoft-sv-namespace
spec:
rules:
- host: soavirt.company.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: soavirt-service
port:
number: 9080
Use the yaml file to create the Ingress rule:
kubectl create -f soavirt-ingress.yaml
Once the service is created, you will need to create the configuration map for the SOAVirt server and configure a network license or a local license. Note: When using a single replica set, a local license can be used, but when more than one replica set is being used, a license server is needed. See Using a Local License for more information about acquiring and applying a local license.
The server EULA must be accepted by setting 'parasoft.eula.accepted=true' in the ConfigMap.
Warning: When connecting to CTP the property 'server.hostname' should be set with the address of the Service.
apiVersion: v1
kind: ConfigMap
metadata:
name: soavirt-config
namespace: parasoft-sv-namespace
data:
config.properties: |
# Configuration properties for soavirt server
# === END USER LICENSE AGREEMENT ===
# Set to true to accept the end user license agreement
# Please review the EULA.txt file included in the distribution zip for soavirt.war
parasoft.eula.accepted=false
# === WORKING DIRECTORY ===
# Specifies workspace location
#working.dir=C:/Users/../workspace
# === LOGGING CONFIGURATION ===
# Specifies configuration file for logging
logging.config.file=/WEB-INF/default.logging.xml
# Replace with the following line to enable debug information
#logging.config.file=/WEB-INF/debug.logging.xml
# === CTP SERVER ===
# Specifies CTP server endpoint
#env.manager.server=http\://[CTP Server Host]\:8080
# Specifies the server name that will be displayed in CTP
#env.manager.server.name=[Server Name]
# Specifies username for CTP authentication
#env.manager.username=[CTP Server Username]
# Specifies password for CTP authentication
#env.manager.password=[CTP Server Password]
# Enables notifications to CTP for deployments
#env.manager.notify=true
# === SERVLET CONTAINER ===
# Specifies the hostname to use for remote access to this server
# Useful when a name or address must be strictly used for CTP connectivity
# If empty, the address will be auto-detected
#server.hostname=[Server Hostname]
# Specifies port for http
# Port should match your servlet container
server.port.http=9080
# Specifies port for https
# Port should match your servlet container
#server.port.https=8443
# === PRODUCT LICENSING ===
# Enables virtualize functionality
virtualize.license.enabled=true
# Enables soatest functionality
soatest.license.enabled=true
# === NODE-LOCK LICENSE ===
# Specifies password for virtualize local license
#virtualize.license.local.password=[Virtualize License Password]
# Specifies password for soatest local license
#soatest.license.local.password=[Soatest License Password]
# === NETWORK LICENSE ===
# Enables network licensing for virtualize
virtualize.license.use_network=true
# Specifies the type of network license for virtualize ['performance_server_edition', 'runtime_server_edition', 'custom_edition']
virtualize.license.network.edition=custom_edition
# Specifies features for virtualize 'custom_edition' license
virtualize.license.custom_edition_features=Service Enabled, Performance, Extension Pack, Validate, Message Packs, Developer Sandbox 1000 Hits/Day, 10000 Hits/Day, 25000 Hits/Day, 50000 Hits/Day, 100000 Hits/Day, 500000 Hits/Day, 1 Million Hits/Day, Unlimited Hits/Day, 30 HPS, 100 HPS
# Enables network licensing for soatest
soatest.license.use_network=true
# Specifies the type of network license for soatest ['server_edition', 'custom_edition']
soatest.license.network.edition=custom_edition
# Specifies features for soatest 'custom_edition' license
soatest.license.custom_edition_features=RuleWizard, Command Line, SOA, Web, Server API Enabled, Message Packs, Advanced Test Generation Desktop, Advanced Test Generation 5 Users, Advanced Test Generation 25 Users, Advanced Test Generation 100 Users, Requirements Traceability, API Security Testing
# === LICENSE SERVER ===
# Enables using a specific license server
# If true, the license network properties below will be used to retrieve a license
# If false, the DTP server properties will be used to retrieve a license
license.network.use.specified.server=true
# Specifies license server URL, e.g., https://host[:port][/context-path]
license.network.url=https\://[License Server Host]\:8443
# Enables http authentication for the license server
license.network.auth.enabled=false
# Specifies username for license server authentication
#license.network.user=[License Server Username]
# Specifies password for license server authentication
#license.network.password=[License Server Password]
# === DTP SERVER ===
# Specifies DTP server URL, e.g., https://host[:port][/context-path]
#dtp.url=https\://[DTP Server Host]\:8443
# Specifies username for DTP authentication
#dtp.user=[DTP Server Username]
# Specifies password for DTP authentication
#dtp.password=[DTP Server Password]
# Specifies the name of the DTP project that you want to link to
#dtp.project=[DTP Project]
# === MISC ===
# Specifies scripting timeout in minutes
#scripting.timeout.minutes=10
# Enables logging telemetry data
#usage.reporting.enabled=true
# === OIDC ===
# Enables or disables user authentication via OpenID Connect
#oidc.enabled=false
# Specifies the URI of the OpenID Connect server
#oidc.issuer.uri=
# Specifies the ID provided by your OpenID Connect server
#oidc.client.id=
# Specifies the method that will be used to authenticate the user on the OpenID Connect server
#oidc.cli.mode=devicecode
# Specifies the path to the token file containing user authentication information
#oidc.devicecode.token.file=
# === REPORTS ===
# Specifies a tag that represents a unique identifier for each run
# e.g., ${config_name}-${project_module}-${scontrol_branch}-${exec_env}
#session.tag=${config_name}
# Specifies a build identifier used to label results
#build.id=${dtp_project}-yyyy-MM-dd
# Specifies data that should be included in the report
#report.developer_errors=true
#report.developer_reports=true
#report.authors_details=true
#report.testcases_details=false
#report.test_suites_only=true
#report.failed_tests_only=false
#report.output_details=false
#report.env_details=false
#report.organize_security_findings_by=CWE
#report.associations=false
#report.assoc.url.pr=
#report.assoc.url.fr=
#report.assoc.url.task=
#report.assoc.url.req=
#report.assoc.url.test=
# Specifies report format configuration ['html', 'pdf', 'xml', 'custom']
report.format=html
#report.custom.extension=
#report.custom.xsl.file=
# Specifies installation directory for Jtest or dotTEST that generates coverage report
#jtest.install.dir=
#dottest.install.dir=
Use the yaml file to create the configuration map for the SOAVirt server:
kubectl create -f soavirt-config.yaml
After creating the configuration map, you need to create the service account and required permissions.
apiVersion: v1 kind: ServiceAccount metadata: name: parasoft-account namespace: parasoft-sv-namespace automountServiceAccountToken: true --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: parasoft-read namespace: parasoft-sv-namespace rules: - apiGroups: - "*" resources: - "*" verbs: - get - read - list --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: parasoft-read-bind namespace: parasoft-sv-namespace roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: parasoft-read subjects: - kind: ServiceAccount name: parasoft-account namespace: parasoft-sv-namespace
Use the yaml file to create the service account and required permissions:
kubectl create -f parasoft-permissions.yaml
You should see something similar to the output below in your console:
serviceaccount/parasoft-account created role.rbac.authorization.k8s.io/parasoft-read created rolebinding.rbac.authorization.k8s.io/parasoft-read-bind created
The following creates the SOAVirt server. If a custom Persistent Volume Claim name was used in previous steps, make sure to update the 'claimName' field to match the custom name.
Warning: When scaling beyond one replica, the events and statistics services should be disabled.
Note: kind: Deployment is not supported. Use either kind: Pod or kind: StatefulSet.
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: soavirt
namespace: parasoft-sv-namespace
labels:
tag: soavirt
spec:
replicas: 1
selector:
matchLabels:
tag: soavirt
serviceName: soavirt
template:
metadata:
labels:
tag: soavirt
spec:
securityContext:
runAsNonRoot: true
serviceAccountName: parasoft-account
automountServiceAccountToken: true
volumes:
- name: soavirt-pv
persistentVolumeClaim:
claimName: soavirt-pvc
- name: soavirt-config
configMap:
name: soavirt-config
containers:
- name: soavirt
image: parasoft/soavirt-server
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: soavirt-pv
mountPath: /usr/local/parasoft/soavirt/webapps/ROOT/workspace
- name: soavirt-config
mountPath: /usr/local/parasoft/soavirt/webapps/config.properties
subPath: config.properties
ports:
- name: http
containerPort: 9080
- name: events
containerPort: 9617
- name: statistics
containerPort: 9618
startupProbe:
httpGet:
path: /soavirt/api/v6/healthcheck
port: 9080
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 30
failureThreshold: 3
livenessProbe:
httpGet:
path: /soavirt/api/v6/healthcheck
port: 9080
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 30
env:
- name: CATALINA_OPTS
value: "-Dparasoft.auto.deploy.new=false
-Dparasoft.event.monitoring.broker.port=9617
-Dparasoft.server.statistics.broker.port=9618
-Dparasoft.cloudvm=true
-Dparasoft.cloudvm.config=Kubernetes"
- name: PARASOFT_POD_NAME #REQUIRED, DO NOT CHANGE
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: PARASOFT_POD_NAMESPACE #REQUIRED, DO NOT CHANGE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
Use the yaml file to create the SOAVirt server:
kubectl create -f soavirt.yaml
Required Settings for a Stable Machine ID
As you modify the soavirt.yaml shown above or craft your own yaml, be aware that the following fields need to be consistent across upgrades and redeployments in order to assure a stable machine ID:
- metadata: name
- metadata: namespace
- containers: name
In addition, the following environment variables are required:
- env: name: PARASOFT_POD_NAME
- env: name: PARASOFT_POD_NAMESPACE
Using a Local License
To use a node-lock license, you will need to retrieve the machine ID from the deployed server in order to procure your license from Parasoft.
Open a shell to the running container:
kubectl exec --stdin --tty soavirt-0 -n parasoft-sv-namespace -- /bin/bash
Make a curl call to the SOAVirt REST API to retrieve the machine ID:
curl http://localhost:9080/soavirt/api/v6/status?fields=machineId
- Note the machine ID in the response and provide it to your Parasoft representative, who will send you a license password.
- Once you've received your license password, apply it in the soavirt-config.yaml.
Apply the updated soavirt-config.yaml to the running container:
kubectl apply -f soavirt-config.yaml
The license will be applied when the pod is restarted automatically. Alternatively, you can delete and recreate the pod for the changes to take effect.
kubectl delete -f soavirt.yaml kubectl create -f soavirt.yaml
Deploying SOAVirt Server in Kubernetes with a Helm Chart
Parasoft has published an official Helm chart to Docker Hub for your convenience. Full installation instructions are included in the overview. See https://hub.docker.com/r/parasoft/soavirt-server-helm.
