5 About Integrating Offline Mediation Controller REST Services Manager with Cloud Native
You can integrate an external application with Oracle Communications Offline Mediation Controller cloud native by using Offline Mediation Controller REST Services Manager.
Topics in this document:
About Offline Mediation Controller REST Services Manager
The Offline Mediation Controller REST Services Manager allows you to perform the same operations as the NMShell application using external client applications. For example, it allows your external application to do the following in Offline Mediation Controller:
- Manage Nodes
- Manage Node Managers
- Retrieve a list of node chains
- Compile and save the NPL rules file
- Export node configurations and customizations
About Offline Mediation Controller REST Services Manager Cloud Native Architecture
Figure 5-1 Offline Mediation Controller REST Services Manager Cloud Native Architecture
- REST Services Manager Deployment: The primary deployment of REST Services Manager with all the necessary components and configurations.
- REST Services Manager HTTP and HTTPS Service: This service exposes REST Services Manager to ports, allowing access to REST Services Manager through HTTP and HTTPS protocols.
- Validator ConfigMap: There is a unique ConfigMap for each market segment.
- REST Services Manager App ConfigMap: The ConfigMap contains the application.yaml file, which holds the configurations required to initiate the REST Services Manager server.
- REST Services Manager Logging ConfigMap: The ConfigMap holds the log4j2.yaml file, encompassing logging-related configurations.
- Admin Server Keystore Secret: This secret contains the administration server KeyStore file in a Base64-encoded format.
- RSM HTTPS TLS Secret: This secret contains the HTTPS TLS store utilized by REST Services Manager when the HTTPS protocol is enabled.
- REST Services Manager App Secret: This secret contains all confidential information necessary to launch the REST Services Manager server.
- vol-external: This is an optional PV reference. REST Services Manager will incorporate it only if the flag rsm.pvc.ocomcExternal.enabled in the override-values.yaml file is set to true. When enabled, the REST Services Manager will share the vol-external PV of the OCOMC core deployment. It is mandatory to enable this flag if the node chain solution includes cartridges containing sensitive information such as FTP or database passwords.
- rsm-vol-external: This PV is optional and can be enabled by setting the flag rsm.pvc.external.enabled to true in the values.yaml file. When enabled, the REST Services Manager will load custom cartridges from the specified PV into the classpath. The source directory for it can be configured in the override-values.yaml file.
Installing Offline Mediation Controller REST Services Manager
The Offline Mediation Controller REST Services Manager can be installed along with core Offline Mediation Controller components using a unified Helm chart.
To install Offline Mediation Controller REST Services:
- Configure and install all required third-party software. See "Setting Up Prerequisite Software".
- Configure the Offline Mediation Controller server and REST Services Manager connection. See "Configuring the Offline Mediation Controller Core and REST Services Manager Connection".
- Configure the REST Services Manager server. See "Configuring the REST Services Manager Server".
- Load custom validators. See "Configuring and Loading Custom Validators".
- Deploy Offline Mediation Controller REST Services Manager. See "Deploying Offline Mediation Controller Services".
Setting Up Prerequisite Software
- Ensure that you have downloaded the latest software that is compatible with Offline Mediation Controller cloud native. See "Offline Mediation Controller Cloud Native System Requirements" in Offline Mediation Controller Compatibility Matrix.
- Ensure that your environment setup is complete. See "Setting Up Your Environment".
- Download the Offline Mediation Controller cloud native Helm chart. See "Downloading Packages for the Offline Mediation Controller Cloud Native Helm Charts".
Configuring the Offline Mediation Controller Core and REST Services Manager Connection
- In your override-values.yaml file for
oc-cn-ocomc-helm-chart, set the following keys:
- ocomcRSM.rsm.adminServerConnection.hostname: Specify the hostname where the Offline Mediation Controller Admin Server is running.
- ocomcRSM.rsm.adminServerConnection.port: Specify the port where Offline Mediation Controller Admin Server listens.
- If Offline Mediation Controller core uses SSL, do the following:
- Copy your adminClientTruststore.jks file from the vol-keystore PV of Offline Mediation Controller core to the oc-cn-ocomc/rsm/ocomc-rsm-keystore directory.
- In your override-values.yaml file, set the following
keys:
- ocomcRSM.rsm.adminServerConnection.ssl.enabled: Set this key to true. This enables SSL between REST Services Manager and the Admin Server.
- ocomcRSM.rsm.adminServerConnection.ssl.keystoreName: Specify the name of your KeyStore file, such as adminClientTruststore.jks.
- If authentication is enabled for Offline Mediation Controller core,
set the following keys in your override-values.yaml file:
- ocomcRSM.rsm.adminServerConnection.username: Specify the user name for logging in to the Admin Server.
- ocomcRSM.rsm.adminServerConnection.password: Specify the password for logging in to the Admin Server.
Configuring the REST Services Manager Server
To configure the Offline Mediation Controller REST Services Manager Server:
-
Enable HTTPS in REST Services Manager by doing the following:
-
Copy your generated .p12 KeyStore file to the REST Services Manager Helm chart directory (oc-cn-ocomc/charts/oc-cn-ocomc-rsm/ocomc-rsm-keystore).
-
Set the following keys in your override-values.yaml file for oc-cn-ocomc:
-
ocomcRSM.rsm.https.enabled: Set this to true.
-
ocomcRSM.rsm.https.ketsotreName: Specify the name of the KeyStore file with the extension.
-
ocomcRSM.rsm.https.keystorePassPhrase: Specify the KeyStore passphrase.
-
-
-
Expose REST Services Manager through a NodePort by setting the following keys in your override-values.yaml file:
-
ocomcRSM.rsm.service.type: Set this to NodePort.
-
ocomcRSM.rsm.service.nodePort: Specify the port number.
-
ocomcRSM.rsm.https.service.nodePort: If the HTTPS port is enabled, specify the port for exposing the HTTPS port outside the cluster.
-
-
Enable Oracle Access Management authentication by setting the following keys in your override-values.yaml file:
-
ocomcRSM.rsm.security.provider: Set this to OAM.
-
ocomcRSM.rsm.security.configuration.oam: Fill in the Oracle Access Management and Oracle Unified Directory configuration details.
-
-
Set the log levels to the appropriate level in the ocomcRSM.rsm.logging.packagingLogging keys in your override-values.yaml file.
Configuring and Loading Custom Validators
In Offline Mediation Controller REST Services Manager, you can configure custom validators.
- Enable custom validators for Offline Mediation Controller RSM. In your override-values.yaml file for oc-cn-ocomc-helm-chart, set the ocomcRSM.rsm.customisation.nodeConfigValidator.validators.enabled key to true.
- Create a subdirectory within the RSM Helm chart directory (oc-cn-ocomc-rsm/ocomc-rsm-validator) with the name of the market segment for the validator. For example, create a directory named oc-cn-ocomc-rsm/ocomc-rsm-validator/my-market.
- Copy the validator YAML files into the directory created in the previous step.
- In your override-values.yaml file, set the ocomcRSM.rsm.customisation.nodeConfigValidator.validators.marketSegments key to a list of supported market segments.
About the Offline Mediation Controller REST Services Manager Keys
Table 5-1 Offline Mediation Controller REST Services Manager Keys
| Key | Path in values.yaml file | Description |
|---|---|---|
|
imagePullSecrets |
- |
The location of your imagePullSecrets, which stores the credentials (or Secret) for accessing your private Docker registry. |
|
name |
ocomcRSM.rsm |
The name to use for the deployment. The final name of the deployment is derived using the name provided. |
|
fullname |
ocomcRSM.rsm |
The final name of the deployment to use. This would be used for the deployment without any modification. |
|
replicas |
ocomcRSM.rsm |
The total number of REST Services Manager pods to run in the deployment. |
|
restartCount |
ocomcRSM.rsm |
Tracks the number of restarts. To restart the pods, increment the value by 1 and run the helm upgrade command. |
|
serviceMonitor.enabled |
ocomcRSM.rsm |
Whether to enable the service monitor for REST Services Manager metrics. |
|
imageRepository |
ocomcRSM.rsm.container |
The repository from where the REST Services Manager image can be pulled. Note: The repository URI should not end with a trailing slash. |
|
imagePullPolicy |
ocomcRSM.rsm.container |
The image pull policy to use for the deployment. The default value is IfNotPresent, which specifies not to pull the image if it's already present. Applicable values are IfNotPresent and Always. |
|
image |
ocomcRSM.rsm.container |
The REST Services Manager image name and tag concatenated with a colon (:). Ensure to align with the REST Services Manager image version to be deployed. |
|
enabled |
ocomcRSM.rsm.https |
Whether REST Services Manager should run with HTTPS. |
|
keystoreName |
ocomcRSM.rsm.https |
The KeyStore file name with its extension to use for HTTPS. The file must be present in the oc-cn-ocomc-rsm/ocomc-rsm-keystore directory. |
|
keystorePassPhrase |
ocomcRSM.rsm.https |
The passphrase for the HTTPS KeyStore file. |
|
extRsmKeystoreSecret |
ocomcRSM.rsm.https |
The external KeyStore Secret name. |
|
service.nodePort |
ocomcRSM.rsm.https |
The node port to use for HTTPS service. This would be used when the service type of REST Services Manager is set to NodePort. |
|
hostname |
ocomcRSM.rsm.adminServerConnection |
The host name for accessing the Administration Server. |
|
port |
ocomcRSM.rsm.adminServerConnection |
The port at which the Administration Server is listening on. |
|
username |
ocomcRSM.rsm.adminServerConnection |
The user name to use for logging into the Administration Server. |
|
password |
ocomcRSM.rsm.adminServerConnection |
The password for the specified user to use during login. |
|
ocomcExternal.enabled |
ocomcRSM.rsm.pvc |
Whether REST Services Manager shares the same external PV of the Offline Mediation Controller core. Enabling this is mandatory when REST Services Manager is involved in creating node chain solutions involving cartridges with sensitive password information (FTP or database passwords). The mount path is /app/volumes/ocomc-ext. |
|
ocomcExternal.name |
ocomcRSM.rsm.pvc |
The name of the external volume in Offline Mediation Controller Core. |
|
external.enabled |
ocomcRSM.rsm.pvc |
Whether to create an external PV for REST Services Manager. The mount path is /app/volumes/ext. |
|
name |
ocomcRSM.rsm.storageClass |
The storage class to use if REST Services Manager's external PV is enabled. |
|
cartridgeFolder |
ocomcRSM.rsm.configEnv |
The directory path where REST Services Manager retrieves and loads cartridges from. |
|
nodeTypeMapper.enabled |
ocomcRSM.rsm.customisation |
Whether to load custom nodeMappers into REST Services Manager. The content of the file needs to be added to oc-cn-ocomc-rsm/templates/configmap-nodetypemapper.yaml. |
|
nodeConfigValidator.validators.enabled |
ocomcRSM.rsm.customisation |
Whether to load custom validators into REST Services Manager. |
|
nodeTypeMetadata.enabled |
ocomcRSM.rsm.customisation |
Whether to load custom node type metadata files into REST Services Manager. |
|
transformers.enabled |
ocomcRSM.rsm.customisation.nodeConfigTransformer |
Whether to enable custom transformers. |
|
requestAutomation.enabled |
ocomcRSM.rsm.jobs |
Whether to enable a request automation job (true) or not (false). |
|
requestAutomation.resources.limits.cpu |
ocomcRSM.rsm.cpu |
The CPU limit for job replicas. |
|
requestAutomation.resources.limits.memory |
ocomcRSM.rsm.jobs |
The memory limit for job replicas. |
|
requestAutomation.resources.requests.memory |
ocomcRSM.rsm.jobs |
The memory limit for job replicas. |
|
requestAutomation.resources.requests.memory |
ocomcRSM.rsm.jobs |
The minimum memory for job replicas. |
|
service.type |
ocomcRSM.rsm.service |
The Kubernetes service type to use. |
|
nodePort |
ocomcRSM.rsm.service |
The NodePort that REST Services Manager should be exposed to if service type is set to NodePort. |
|
limits.cpu |
ocomcRSM.rsm.resources |
The CPU limit for REST Services Manager pods. |
|
limits.memory |
ocomcRSM.rsm.resources |
The memory limit for REST Services Manager pods. |
|
requests.cpu |
ocomcRSM.rsm.resources |
The minimum CPU for REST Services Manager pods. |
|
requests.memory |
ocomcRSM.rsm.resources |
The minimum memory for REST Services Manager pods. |
|
rsmTrustStore.enabled |
ocomcRSM.rsm.rsmTrustStore |
Whether to enable a custom TrustStore for SSL/TLS. |
|
trustStoreName |
ocomcRSM.rsm.rsmTrustStore |
The TrustStore file name. |
|
extRSMTruststoreSecret |
ocomcRSM.rsm.rsmTrustStore |
The external TrustStore Secret name. |
|
trustStorePassPhrase |
ocomcRSM.rsm.rsmTrustStore |
The passphrase for the TrustStore. |
|
provider |
ocomcRSM.rsm.security |
The security provider for user authentication. |
|
jvmOpts |
ocomcRSM.rsm |
The required JVM configuration for REST Services Manager. |
|
terminationGracePeriodSeconds |
ocomcRSM.rsm |
The termination grace period for the pod. This is optional. |
|
format.type |
ocomcRSM.rsm.logging |
The logging layout to use. The value should be a supported log4j logging layout. |
|
format.pattern |
ocomcRSM.rsm.logging |
The logging pattern to use. |
|
rootLevel |
ocomcRSM.rsm.logging |
The REST Services Manager's root logging level. |
|
packageLogging |
ocomcRSM.rsm.logging |
The logging levels specific to individual packages. |