Versions Compared

Old Version 1

changes.mady.by.user Robert Andelin

Saved on

compared with

New Version Current

changes.mady.by.user Robert Andelin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space FUNCTDEV and version SVC2025.2

...

Table of Contents
maxLevel23

Deploying the SOAVirt Server in Kubernetes Manually

...

Code Block
languagetext
serviceaccount/parasoft-account created
role.rbac.authorization.k8s.io/parasoft-read created
rolebinding.rbac.authorization.k8s.io/parasoft-read-bind created

The following yaml below creates the SOAVirt server. If a custom Persistent Volume Claim name was used in previous steps, make sure to update the 'claimName' field to match the custom name.

Note: kind: Deployment is not supported. Use either kind: Pod or kind: StatefulSet.

...

Required Settings for a Stable Machine ID
Anchor
RequiredSettingsForStableMachineID
RequiredSettingsForStableMachineID

...

As you modify the

soavirt-pod.yaml sample shown below or craft your own yaml, be aware that the following fields need to be consistent across upgrades and redeployments in order to assure a stable machine ID:

  • metadata: name
  • metadata: namespace
  • containers: name

In addition, the following environment variables are required:

  • env: name: PARASOFT_POD_NAME
  • env: name: PARASOFT_POD_NAMESPACE

Note: kind: Deployment is not supported. Use either kind: Pod or kind: StatefulSet.

Code Block
languageyml
titlesoavirt-pod.yaml
apiVersion:
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: soavirt
  namespace: parasoft-sv-namespace
  labels:
    app: soavirt
spec:
  replicas: 1
  selector:
    matchLabels:
      app: soavirt
  serviceName: soavirt
  template:
    metadata:
      labels:
        app: soavirt
    spec:
      securityContext:
        runAsNonRoot: true
      serviceAccountName: parasoft-account
      automountServiceAccountToken: true
      volumes:
      - name: soavirt-pv
        persistentVolumeClaim:
          claimName: soavirt-pvc
      - name: soavirt-config
        configMap:
          name: soavirt-config
      containers:
      - name: soavirt
        image: parasoft/soavirt-server
        imagePullPolicy: IfNotPresent
# When running on Kubernetes nodes with more than 32 CPU cores the product will print the following in the logs: This machine exceeds the licensed number of CPU cores
# To reduce the number of cores available, uncomment the following resource specification (if you are using OpenShift, see the note below) or contact Parasoft to enable running on higher core counts.
#        resources:
#          limits:
#            cpu: "4" 
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop: ["ALL"]
          seccompProfile:
            type: RuntimeDefault
        volumeMounts:
        - name: soavirt-pv
          mountPath: /usr/local/parasoft/soavirt/webapps/ROOT/workspace
        - name: soavirt-config
          mountPath: /usr/local/parasoft/soavirt/webapps/config.properties
          subPath: config.properties
        ports:
        - name: http
          containerPort: 9080
        - name: https
          containerPort: 9443
        startupProbe:
          httpGet:
            path: /soavirt/api/v6/healthcheck
            port: 9080
          initialDelaySeconds: 30
          periodSeconds: 30
          timeoutSeconds: 30
          failureThreshold: 3
        livenessProbe:
          httpGet:
            path: /soavirt/api/v6/healthcheck
            port: 9080
          initialDelaySeconds: 30
          periodSeconds: 30
          timeoutSeconds: 30 
        envFrom:
        - secretRef:
            name: soavirt-secret
            optional: true 
        env:
        - name: CATALINA_OPTS
          value: "-Dparasoft.auto.deploy.new=false
                   -Dparasoft.cloudvm=true
                   -Dparasoft.cloudvm.config=Kubernetes"
        - name: PARASOFT_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: PARASOFT_POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace

...

No Format
nopaneltrue
/usr/local/parasoft/soavirt/logs
/usr/local/parasoft/soavirt/temp
/usr/local/parasoft/soavirt/webapps/ROOT/WEB-INF/configs/builtin
/usr/local/parasoft/soavirt/webapps/ROOT/felix-cache
/usr/local/parasoft/soavirt/webapps/ROOT/apifiles
/usr/local/parasoft/soavirt/work/Catalina/localhost/ROOT
/usr/local/tomcat/logs/ 

Modifying the java.security File (Optional)

You may want to use a modified java.security file if, for example, you want to enable or disable specific SSL cipher suites or make other related security configurations. To do so, create a modified copy of your java.security file, store it in a ConfigMap, and mount it into the pod at /usr/local/parasoft/java.security.

There are a few options you will want to keep in mind when applying your changes:

  1. When using your modified java.security settings, it's important to disable the global properties. If you don't, they will override your modifications:
    -Djava.security.disableSystemPropertiesFile=true
  2. To override the default security file, explicitly specify that the JVM should use your custom security properties file:
    -Djava.security.properties==/usr/local/parasoft/java.security
    Note the double equal sign (==) that tells Java to fully replace the java.security settings that would normally be loaded from the jvm.
  3. To debug which java.security properties were loaded, add the java.security.debug property:
    -Djava.security.debug=properties

Put all together, you would add the following to the env: section of the soavirt container:

Code Block
languageyml
        - name: JAVA_OPTS
          value: "-Djava.security.disableSystemPropertiesFile=true
                       -Djava.security.properties==/usr/local/parasoft/java.security
                       -Djava.security.debug=properties"

Deploying SOAVirt Server in Kubernetes with a Helm Chart

...