Skip to main content
Skip table of contents

CX Deployment on Kubernetes

This document illustrates the procedure and steps to deploy Expertflow CX-core on Kubernetes.

Before you begin, verify

Prepare for CX Deployment

Step 1: Clone the Expertflow CX repository

CODE
git clone -b CX-4.5.2 https://efcx:RecRpsuH34yqp56YRFUb@gitlab.expertflow.com/cim/cim-solution.git
BASH
cd cim-solution/kubernetes

Step 2: Create Namespaces

  1. Create a namespace expertflow for all Expertflow components

Run the following command on the control-plane node.

BASH
kubectl create namespace expertflow

  1. Create a namespace ef-external for all the external elements of the Expertflow CX solution such as Mongo, Redis, MinIO, etc.

Run the following command on the control-plane node.

CODE
kubectl create namespace ef-external

Step 3: Apply Image Pull secret

  1. Run the following commands for applying ImagePullSecrets of Expertflow CX images.

BASH
kubectl apply -f pre-deployment/registryCredits/ef-imagePullSecret-expertflow.yaml
BASH
kubectl apply -f pre-deployment/registryCredits/ef-imagePullSecret-ef-external.yaml

Step 4: Update FQDN

Expertflow CX should be accessible by a fully qualified domain name. Assign the FQDN that resolves to the control plane node or KubeVIP.

Replace <FQDN> with your FQDN for Expertflow CX and run this command.

BASH
sed -i 's/devops[0-9]*.ef.com/<FQDN>/g' cim/ConfigMaps/* pre-deployment/grafana/* pre-deployment/keycloak/* cim/Ingresses/nginx/* cim/Ingresses/traefik/*

Setup SQL Database

Expertflow CX requires any of the following PostgreSQL for Expertflow CX deployment for storing configuration data.

If you are deploying external components with provided TLS certificates, you must run the following command before deployment:-

BASH
kubectl apply -f external-tls-secrets/

PostgreSQL RECOMMENDED

Skip this step if you already have any of the other two databases in your environment.

  1. If you do not have PostgreSQL in your environment, create ConfigMap of PostgreSQL to create necessary databases and preload it with bootstrap configurations.

    CODE
    kubectl -n ef-external  create configmap ef-postgresql-license-manager-cm --from-file=./pre-deployment/licensemanager/licensemanager.sql
  2. Update the following values as mentioned below:-

    CODE
    auth:
      ## @param auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user
      ##
      enablePostgresUser: true
      ## @param auth.postgresPassword Password for the "postgres" admin user. Ignored if `auth.existingSecret` with key `postgres-password` is provided
      ##
      ## EXPERTFLOW
      postgresPassword: "<postgresql password>"
    

  3. Deploy the postgresql

    BASH
    helm upgrade --install=true --wait=true --timeout=10m0s --debug --namespace=ef-external --values=external/bitnami/postgresql/values.yaml ef-postgresql external/bitnami/postgresql
  4. For managed Postgresql, see Using Managed PostgreSQL for configuring PostgreSQL for Expertflow CX.

Deploy CX External Components

Expertflow CX requires the following 3rd party components.

Redis

Key-Values based Caching engine, used by most of the EF-CX components.

MongoDB

NoSQL Database, maintains and serves as primary back store for EF-CX solution.

Minio

S3 compliant object storage.

KeyCloak

Realm based auth management tool.

You may use them from your existing environment or from a cloud provider .

Setup KeyCloak

Prerequisites

Before proceeding with the keycloak deployment, please update the backend database connection string parameters ( when using no-default passwords )

  1. edit external/bitnami/keycloak/values.yaml and update the password for postgresql database

    YAML
    externalDatabase:
      host: "ef-postgresql.ef-external.svc.cluster.local"
      port: 5432
      user: sa
      database: keycloak_db
      password: "Expertflow123"
      existingSecret: ""
      existingSecretPasswordKey: ""
Keycloak Deployment

KeyCloak is used as the centralized authentication and authorization component for Expertflow CX. Follow these steps to setup KeyCloak.

  1. On the master node, create a global ConfigMap for KeyCloak. Change the hostname and other parameters before applying this command ( For Example . FQDN and relative paths )

    BASH
    kubectl apply -f pre-deployment/keycloak/ef-keycloak-configmap.yaml
  2. Now, deploy KeyCloak by running the following command

    BASH
    helm upgrade --install=true --wait=true --timeout=10m0s --debug --namespace=ef-external --values=external/bitnami/keycloak/values.yaml keycloak external/bitnami/keycloak/
  3. Check the KeyCloak installation status. You can check the status of deployment by using the following command:

    BASH
    kubectl -n ef-external rollout status sts keycloak

Setup MongoDB

Expertflow CX using MongoDB for storing all CX events, activities, and some configuration data as well.

Skip this step if you already have MongoDB in your environment that can be used by Expertflow CX. For using MongoDB from a managed environment, see Using Managed MongoDB for necessary configurations.

  1. Update the following values as mentioned below:-

    CODE
    auth:
      ## @param auth.enabled Enable authentication
      ## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
      ## EXPERTFLOW
      enabled: true
      ## @param auth.rootUser MongoDB(&reg;) root user
      ##
      rootUser: root
      ## @param auth.rootPassword MongoDB(&reg;) root password
      ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mongodb#setting-the-root-user-and-password-on-first-run
      ##
      rootPassword: "Expertflow123"  # Change this to match the requirements  
    

  2. Deploy MongoDB by running the following command.

    BASH
    helm upgrade --install=true --wait=true --timeout=10m0s --debug --namespace=ef-external --values=external/bitnami/mongodb/values.yaml mongo external/bitnami/mongodb/
  3. Check the MongoDB deployment status by running the following command:

    BASH
    kubectl -n ef-external rollout status sts mongo-mongodb

Setup MinIO

Expertflow CX using MinIO for storing files exchanged between agents, customers, and/or bots. Install using Helm using following command:

  1. update the minio helm chart values.yaml files with the required ACCESSKEY and PASSKEY values

    CODE
    auth:
      ## @param auth.rootUser MinIO&reg; root username
      ##
      rootUser: minioadmin
      ## @param auth.rootPassword Password for MinIO&reg; root user
      ##
      rootPassword: "minioadmin"
  2. Deploy the minio helm chart

CODE
helm upgrade --install=true --wait=true --timeout=10m0s --debug --namespace=ef-external --values=external/bitnami/minio/values.yaml minio external/bitnami/minio/

Wait for the minio deployment to get ready

CODE
kubectl -n ef-external  rollout status deployment  minio --timeout=5m
Digital Channel Icons Bootstrapping

proceed with icons bootstrapping.

BASH
kubectl apply -f scripts/minio-helper.yaml
CODE
kubectl -n ef-external --timeout=90s wait --for=condition=ready pod minio-helper
CODE
kubectl -n ef-external cp post-deployment/data/minio/bucket/default minio-helper:/tmp/
CODE
kubectl -n ef-external cp scripts/icon-helper.sh minio-helper:/tmp/
CODE
kubectl -n ef-external exec -it minio-helper -- /bin/sh /tmp/icon-helper.sh
CODE
kubectl delete -f scripts/minio-helper.yaml

Setup Redis

CX uses Redis for storing active system state of most of the CX objects.

  1. Update the following values as mentioned below:-

    CODE
    auth:
      ## @param auth.enabled Enable password authentication
      ##
      enabled: true
      ## @param auth.password Redis&reg; password
      ## Defaults to a random 10-character alphanumeric string if not set
      ##
      password: "Expertflow123"  # Change this to match the requirements  
    

  2. Run the following command to deploy Redis.

BASH
helm upgrade --install=true --wait=true --timeout=10m0s --debug --namespace=ef-external --values=external/bitnami/redis/values.yaml redis external/bitnami/redis/

Setup Realtime Reports

Expertflow CX uses Grafana for business and solution monitoring. Business monitoring dashboards are embedded inside AgentDesk that provide real-time statistics for both agents and supervisors.

See Setup Grafana for embedded dashboards for details.

Setup Historical Reports

Expertflow CX uses Apache Superset for historical reports.

  1. Install Superset

  2. Setup Reporting Connector

Setup ActiveMQ

Expertflow CX uses ActiveMQ for message queuing between CX core components. To deploy ActiveMQ

CODE
kubectl apply -f cim/StatefulSet/ef-amq-statefulset.yaml

Wait for the AMQ StatefulSet to be ready

CODE
kubectl wait pods ef-amq-0 -n ef-external --for condition=Ready --timeout=600s

Custom Password Interpolation

Below are the interpolations when using custom or not-default password for mongodb, minio, redis, postgresql and activeMQ

Entity

Placement

MongoDB

  1. Update MONGODB_PASSWORD in cim/Configmaps/ef-connection-env-configmap.yaml

PostgreSQL

  1. Update the YAML object externalDatabase.password at line number 1140 in external/bitnami/keycloak/values.yaml

  2. Update DB_PASS in cim/ConfigMaps/ef-license-manager-configmap.yaml

minio

  1. Update ACCESSKEY in cim/ConfigMaps/ef-file-engine-configmap.yaml

  2. Update SECRETKEY in cim/ConfigMaps/ef-file-engine-configmap.yaml

Redis

  1. Update REDIS_PASSWORD in cim/Configmaps/ef-connection-env-configmap.yaml

keycloak

N/A

activeMQ

N/A

Deploy CX-Core Components

If you are using TLS enabled external components, copy the tls secrets to expertflow namespace before deploying CX-core components using the following commands:-

BASH
kubectl get secret mongo-mongodb-ca -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -
kubectl get secret redis-crt -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -
kubectl get secret ef-postgresql-crt -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -
  1. Setup default translation file for Agent Desk

    CODE
    kubectl -n expertflow  create configmap ef-app-translations-cm --from-file=pre-deployment/app-translations/unified-agent/i18n
  2. Setup default canned messages translations file for Agent Desk

    CODE
    kubectl -n expertflow  create configmap ef-canned-messages-cm --from-file=pre-deployment/app-translations/unified-agent/canned-messages
  3. Apply CRM ConfigMap for Agent Desk

    CODE
    kubectl -n expertflow create configmap ef-crm-service-cm --from-file=pre-deployment/crm-service/
  4. Apply Conversation Controller ConfigMaps

    BASH
    kubectl -n expertflow create configmap ef-conversation-controller-actions-cm --from-file=pre-deployment/conversation-Controller/actions
    kubectl -n expertflow create configmap ef-conversation-controller-actions-utils-cm --from-file=pre-deployment/conversation-Controller/utils
    kubectl -n expertflow create configmap ef-conversation-controller-actions-pycache-cm --from-file=pre-deployment/conversation-Controller/__pycache__
  5. Apply ConfigMap to enable log masking for all components in expertflow namespace:-

    CODE
    kubectl apply -f pre-deployment/logback/
    kubectl -n expertflow create configmap ef-logback-cm --from-file=pre-deployment/logback/logback-spring.xml
  6. Apply all configurations in the ConfigMaps folder using:

CODE
kubectl apply -f cim/ConfigMaps/
  1. Create services for all deployment EF components

    CODE
    kubectl apply -f cim/Services/
  2. Apply all the Deployment manifests 

    CODE
    kubectl apply -f cim/Deployments/
  3. Before proceeding to the the next steps, wait for all the solution components to be up and ready.

    BASH
    kubectl -n expertflow get pods

Team Announcement CronJob

Run the following command to setup team announcement CronJob.

It requires the solution be up and running.

BASH
kubectl apply -f pre-deployment/team-announcement/

Setup SSL Certificates

Expertflow CX ships with self-signed certificates for all the ingresses. To apply your custom / domain-signed SSL certificates see Apply Domain-signed SSL Certificates.

Setup Ingress Routes

For RKE2-based Ingresses using Ingress-Nginx Controller

BASH
kubectl apply -f cim/Ingresses/nginx/

Change Service type from Cluster IP to NodePort:-

If a kubernetes service requires access over node IPs, you can patch the service using ( update the required parameters before executing )

CODE
kubectl patch svc <service name> \
-n <namespace> 
--type='json' \
-p '[{"op":"replace","path":"/spec/type","value":"NodePort"},{"op":"replace","path":"/spec/ports/0/nodePort","value":<port number in the range of 30000 to 32676>}]'

Configurations

  1. Import default keyCloak realm for essential KeyCloak resources, permissions, and authentication configurations.

  2. If you intend to use Apache Superset for reporting, follow Configure and import historical report templates to configure the Reporting solution.

  3. For customer channel configuration, see customer channels.

  4. For CX-Voice component deployment this guide

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.