...
Code Block | ||
---|---|---|
| ||
~$ kubectl create configmap keystore-cfgmap --from-file=keystore=/path/to/.keystore --from-file=server-config=/path/to/server.xml configmap/keystore-cfgmap created |
Note: The custom server.xml being used in a configuration map may need to be updated manually when upgrading to a newer DTP Docker image. Any required changes for a given version will be documented in its release notes. Be sure to check all the release notes between your current version and the one to which you are upgrading.
Custom Truststore
Using a custom truststore in Kubernetes environments is similar to using a custom keystore as described above. Adjust the directions for using a custom keystore as appropriate. Note that the truststore location is /usr/local/parasoft/dtp/jre/lib/security/cacerts
.
Volume Mount Security Policies (Optional)
If your security policy requires applications to only write to mounted volumes, then in addition to the dtp-data
directory (which is already set in the example pod) you will need to mount the following locations for the specified containers:
dtp-server:
No Format | ||
---|---|---|
| ||
/usr/local/parasoft/dtp/tomcat/temp
/usr/local/parasoft/dtp/tomcat/logs
/usr/local/parasoft/dtp/tomcat/work
/usr/local/parasoft/dtp/tomcat/conf/PST
/usr/local/parasoft/dtp/tomcat/conf/Internal
|
extension-designer (if enabled):
No Format | ||
---|---|---|
| ||
/tmp |
Notes:
- Do not mount
/usr/local/parasoft/data-tmp
. You can ignore errors related todata-tmp
like "rm: cannot remove '/usr/local/parasoft/data-tmp/LicenseServer/conf/licserv.enc': Read-only file system" in the Kubernetes logs. - You can ignore errors related to server.xml if the file is not mapped using a configuration map as documented in Custom Keystore.
Troubleshooting
Accessing Additional Logging
...