Versions Compared

Old Version 6

changes.mady.by.user Robert Andelin

Saved on

compared with

New Version Current

changes.mady.by.user Robert Andelin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2022.1

...

Code Block
languageyml
titleparasoft-permissions.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: parasoft-namespace
---
# Stable access for clients to license server
kind: Service
apiVersion: v1
metadata:
  name: parasoft-service
  namespace: parasoft-namespace
spec:
  selector:
    tag: parasoft-service
  ports:
    - name: https
      port: 443
      protocol: TCP
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: parasoft-account
  namespace: parasoft-namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleRole
metadata:
  name: parasoft-namespace-role
  namespace: parasoft-namespace
rules:
- apiGroups:
  - "*"
  resources:
  - "*"
  verbs:
  - "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: parasoft-read-role
rules:
- apiGroups:
  - ""
  resources:
  - nodes
  - namespaces
  verbs:
  - get
  - read
  - list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: parasoft-read-bind
  namespace: parasoft-namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: parasoft-read-role
subjects:
- kind: ServiceAccount
  name: parasoft-account
  namespace: parasoft-namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBindingRoleBinding
metadata:
  name: parasoft-namespace-bind
  namespace: parasoft-namespace
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRoleRole
  name: parasoft-namespace-role
subjects:
- kind: ServiceAccount
  name: parasoft-account
  namespace: parasoft-namespace

Use your yaml file to create those accounts and namespaces before creating the DTP environment::

Code Block
languagetext
kubectl create -f parasoft-permissions.yaml

You should see something similar to the output below in your console:

Code Block
languagetext
namespace/parasoft-namespace created
service/parasoft-service created
serviceaccount/parasoft-account created
role.rbac.authorization.k8s.io/parasoft-namespace-role created
clusterrole.rbac.authorization.k8s.io/parasoft-read-role created
clusterrolebinding.rbac.authorization.k8s.io/parasoft-read-bind created
rolebinding.rbac.authorization.k8s.io/parasoft-namespace-bind created
Code Block
languagetext
kubectl create -f parasoft-permissions.yaml
Warning

The "parasoft-namespace" namespace defined in the provided configuration is required and we recommend using the "parasoft-permissions.yaml" as it is documented. The service account used by the DTP Pod requires access to the "parasoft-namespace" namespace, therefore if you choose to create a custom permissions configuration that has different names for the resources defined in the provided permissions configuration, then a namespace with the name "parasoft-namespace" must also be created. If this namespace requirement is not met, DTP will treat any license installed as invalid.

...

Code Block
languageyml
titleparasoft-dtp.yaml
apiVersion: v1
kind: Pod
metadata:
  name: dtp
  namespace: parasoft-namespace
  labels:
    app: DTP
spec:
  volumes:
    - name: dtp-data
      nfs:
        server: NFS_SERVER_HOST
        path: /dtp/
  containers:
    - name: dtp-server
      image: DTP_DOCKER_IMAGE
       args: ["--run", "dtp"]
      imagePullPolicy: Always
      ports:
        - name: "http-server"
          containerPort: 8080
        - name: "https-server"
          containerPort: 8443
      volumeMounts:
        - mountPath: "/usr/local/parasoft/data"
          name: dtp-data
      livenessProbe:
        exec:
          command:
          - healthcheck.sh
          - --verify
          - dtp
        initialDelaySeconds: 120
        periodSeconds: 30
        failureThreshold: 20
    - name: data-collector
      image: DTP_DOCKER_IMAGE
       args: ["--run", "datacollector", "--no-copy-data"]
      imagePullPolicy: Always
      ports:
        - containerPort: 8082
      volumeMounts:
        - mountPath: "/usr/local/parasoft/data"
          name: dtp-data
      livenessProbe:
        exec:
          command:
          - healthcheck.sh
          - --verify
          - datacollector
        initialDelaySeconds: 30
        periodSeconds: 10
        failureThreshold: 5
  restartPolicy: Always
  serviceAccountName: parasoft-account
  imagePullSecrets:
    - name: YOUR_SECRET
---
apiVersion: v1
kind: Service
metadata:
  name: dtp
  namespace: parasoft-namespace
spec:
  selector:
    app: DTP
  ports:
    - name: "http-server"
      protocol: TCP
      port: 8080
      targetPort: 8080
    - name: "data-collector"
      protocol: TCP
      port: 8082
      targetPort: 8082
    - name: "https-server"
      protocol: TCP
      port: 8443
      targetPort: 8443
---
apiVersion: v1
kind: Service
metadata:
  name: dtp-external
  namespace: parasoft-namespace
spec:
  type: NodePort
  selector:
    app: DTP
  ports:
    - port: 8080
      name: HTTP_PORT_NAME
      nodePort: XXXXX
    - port: 8082
      name: DC_PORT_NAME
      nodePort: XXXXX
    - port: 8443
      name: HTTPS_PORT_NAME
      nodePort: XXXXX

# SERVICE CONFIG NOTES:
# 'name' can be whatever you want
# 'nodePort' must be between 30000-32768
# 'spec.selector' must match 'metadata.labels' in pod config

...

This will initialize the contents of the persistent volume, however, additional setup is required for the DTP and Data Collector containers to run correctly.

Setup Set up DTP to connect to your database

...

Code Block
languagetext
DTP_DATA_DIR/lib/thirdparty/

Initialize the DTP database. For example, if you are connecting to a MySQL databases that exist exists in the same cluster:

Code Block
languagetext
kubectl exec dtp -c dtp-server -- cat dtp/grs/db/dtp/mysql/create.sql | kubectl exec -i <mysql pod name> -- mysql -u<username> -p<password>

...