Helm-based Deployment for Expertflow CX

Helm is a templating engine for Kubernetes to minimize the effort of customizing and updating several kubernetes manifests using helm charts. Additionally, the helm charts provide templating which make it easy to interpolate deployment variables, upgrade, downgrade release using simpler and convenient steps.

More information on helm can be found at Official Helm Website.

Requirements

The following table describes the prerequisites for using Helm for deployment.

Item	Description	When changed
Kubernetes Setup	a standard and compatible release of kubernetes is available	A clean installed Kubernetes Engine . This can be performed using guide RKE2 Control plane Deployment
FQDN	A valid FQDN is required to deploy the solution for example “devops.ef.com”	by default there is no FQDN associated, and the helm chart(s) will exit with failure if the default value is used.
External Components	All external components have their own helm charts available.	if you are using externally managed components like mongo, minio, redis and postgresql, relevant values should be updated in the helm chart values. details are provided below.
TLS/SSL certificate	It is mandatory to have a valid SSL certificate already create in both expertflow and ef-external namespaces. Default Ingress certificate name is “`ef-ingress-tls-secret`"	It is by default required and must be created before the actual helm chart deployment .
Custom configurations	All components requiring custom changes should be updated in their respective values file	Mandatory, and upgrade of the helm chart is required when updated.
ingress controller	by default both resident and ef-cx helm charts are using nginx as ingress controller	if using other ingress controller for example nginx or traefik, update all the relevant tags and annotations to reflect appropriate values. details

EF CX Helm Chart

Global Chart Details

In addition to sub-chart details, below given are the details for this meta chart. Any key: value pair present in this file supersedes the values file in sub-chart's values file.

Section	Item	Details	default
global	ingressRouter	FQDN used for the EF-CX Solution	“devops.ef.com”
	imageRegistry	default container registry to pull images from	"gitimages.expertflow.com"
	ingressCertName	default ingress certificate secret name. must be created before install	"ef-ingress-tls-secret"
	ingressClassName	ingress class name	“nginx”
	commonIngressAnnotations	common annotations for all ingress resources	““
	efCommonVars_IS_WRAP_UP_ENABLED	Common Environment Variable	true
	efCommonVars_WRAPUP_TIME	Common Environment Variable	"60"
	efCommonVars_DEFAULT_ROOM_NAME	Common Environment Variable	CC
	efCommonVars_DEFAULT_ROOM_LABEL	Common Environment Variable	CC
	efCommonVars_DEFAULT_ROOM_DESCRIPTION	Common Environment Variable	Contact Center Room
	efCommonVars_CONVERSATION_SEARCH_WINDOW_HRS	Common Environment Variable	"24"
	efCommonVars_TZ	Common Environment Variable	UTC
	efCommonVars_MASK_ATTRIBUTES_PATH	Common Environment Variable	/sensitive.js
	efCommonVars_LOGGING_CONFIG	Common Environment Variable	/logback/logback-spring.xml
	efCommonVars_ROOM_IS_USER_ID	Common Environment Variable	false
clusterDomain		root domain for the cluster DNS	“cluster.local”
imageCredentials	registry	container image registry, must be same as global.imageRegistry	gitimages.expertflow.com
	username	username for the registry	efcx
	password	password for the user of the registry	RecRpsuH34yqp56YRFUb
	email	email address for the registry config	devops@expertflow.com
efConnectionVars		Contains list of all the sub-charts related connection parameters	list of parameters.
sub-chart
sub-chart	enabled	enable of disable a sub-chart deployment. true \| false	true

Image Pull Secret is created at runtime based on these variables, a valid dockerconfig in JSON format is created at runtime and added to the kubernetes engine as secret with the name of ef-gitlab-secret

All sub-charts are named after the component name for which it is developed and its values are evaluated from meta chart’s values.yaml file

Sub-Chart Details

All sub-charts have below given details available. Click Expander to view.

Click here to expand...

Parameters

Global parameters

Name	Description	Value
`global.ingressRouter`	Global FQDN mapping	`""`
`global.ingressCertName`	Ingress TLS Certificate secret must be created before deployment	`""`
`global.ingressClassName`	ingress class name for all the ingress resources deployed using this helm chart	`""`
`global.commonIngressAnnotations`	Common Annotations for all the ingress resources, add/update for individual resources if not common	`{}`
`global.imageRegistry`	default image registry to images from	`""`
`global.imagePullSecrets`	Global Docker registry secret names as an array	`[]`
`global.compatibility.openshift.adaptSecurityContext`	Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)	`auto`

Common parameters

Name	Description	Value
`nameOverride`	String to partially override COMPONENT___NAME.fullname template (will maintain the release name)	`""`
`fullnameOverride`	String to fully override COMPONENT___NAME.fullname template	`""`
`namespaceOverride`	String to fully override common.names.namespace	`""`
`kubeVersion`	Force target Kubernetes version (using Helm capabilities if not set)	`""`
`clusterDomain`	Kubernetes Cluster Domain	`cluster.local`
`extraDeploy`	Extra objects to deploy (value evaluated as a template)	`[]`
`commonLabels`	Add labels to all the deployed resources	`{}`
`commonAnnotations`	Add annotations to all the deployed resources	`{}`
`diagnosticMode.enabled`	Enable diagnostic mode (all probes will be disabled and the command will be overridden)	`false`
`diagnosticMode.command`	Command to override all containers in the the deployment(s)/statefulset(s)	`["sleep"]`
`diagnosticMode.args`	Args to override all containers in the the deployment(s)/statefulset(s)	`["infinity"]`

COMPONENT___NAME parameters

Name	Description	Value
`image.registry`	COMPONENT___NAME image registry	`REGISTRY_NAME`
`image.repository`	COMPONENT___NAME image repository	`REPOSITORY_NAME/___COMPONENT___NAME___`
`image.digest`	COMPONENT___NAME image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag	`""`
`image.pullPolicy`	COMPONENT___NAME image pull policy	`IfNotPresent`
`image.pullSecrets`	Specify docker-registry secret names as an array	`[]`
`automountServiceAccountToken`	Mount Service Account token in pod	`false`
`hostAliases`	Deployment pod host aliases	`[]`
`command`	Override default container command (useful when using custom images)	`[]`
`args`	Override default container args (useful when using custom images)	`[]`
`extraEnvVars`	Extra environment variables to be set on COMPONENT___NAME containers	`[]`
`extraEnvVarsCM`	ConfigMap with extra environment variables	`""`
`extraEnvVarsSecret`	Secret with extra environment variables	`""`
`efConnectionVars`	Configmap true false	`false`
`efEnvironmentVars`	ConfigMap true false	`false`

COMPONENT___NAME deployment parameters

Name	Description	Value
`replicaCount`	Number of COMPONENT___NAME replicas to deploy	`1`
`revisionHistoryLimit`	The number of old history to retain to allow rollback	`10`
`updateStrategy.type`	COMPONENT___NAME deployment strategy type	`RollingUpdate`
`updateStrategy.rollingUpdate`	COMPONENT___NAME deployment rolling update configuration parameters	`{}`
`podLabels`	Additional labels for COMPONENT___NAME pods	`{}`
`podAnnotations`	Annotations for COMPONENT___NAME pods	`{}`
`podAffinityPreset`	Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`	`""`
`podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`	`""`
`nodeAffinityPreset.type`	Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`	`""`
`nodeAffinityPreset.key`	Node label key to match Ignored if `affinity` is set.	`""`
`nodeAffinityPreset.values`	Node label values to match. Ignored if `affinity` is set.	`[]`
`affinity`	Affinity for pod assignment	`{}`
`hostNetwork`	Specify if host network should be enabled for COMPONENT___NAME pod	`false`
`hostIPC`	Specify if host IPC should be enabled for COMPONENT___NAME pod	`false`
`dnsPolicy`	Specifies the DNS policy for the COMPONENT___NAME pod	`""`
`dnsConfig`	Allows users more control on the DNS settings for a Pod. Required if `dnsPolicy` is set to `None`	`{}`
`nodeSelector`	Node labels for pod assignment. Evaluated as a template.	`{}`
`tolerations`	Tolerations for pod assignment. Evaluated as a template.	`[]`
`priorityClassName`	COMPONENT___NAME pods' priorityClassName	`""`
`schedulerName`	Name of the k8s scheduler (other than default)	`""`
`terminationGracePeriodSeconds`	In seconds, time the given to the COMPONENT___NAME pod needs to terminate gracefully	`""`
`topologySpreadConstraints`	Topology Spread Constraints for pod assignment	`[]`
`podSecurityContext.enabled`	Enabled COMPONENT___NAME pods' Security Context	`false`
`podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`podSecurityContext.fsGroup`	Set COMPONENT___NAME pod's Security Context fsGroup	`1001`
`podSecurityContext.sysctls`	sysctl settings of the COMPONENT___NAME pods	`[]`
`containerSecurityContext.enabled`	Enabled containers' Security Context	`false`
`containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`nil`
`containerSecurityContext.runAsUser`	Set containers' Security Context runAsUser	`1001`
`containerSecurityContext.runAsGroup`	Set containers' Security Context runAsGroup	`1001`
`containerSecurityContext.runAsNonRoot`	Set container's Security Context runAsNonRoot	`true`
`containerSecurityContext.privileged`	Set container's Security Context privileged	`false`
`containerSecurityContext.readOnlyRootFilesystem`	Set container's Security Context readOnlyRootFilesystem	`true`
`containerSecurityContext.allowPrivilegeEscalation`	Set container's Security Context allowPrivilegeEscalation	`false`
`containerSecurityContext.capabilities.drop`	List of capabilities to be dropped	`["ALL"]`
`containerSecurityContext.seccompProfile.type`	Set container's Security Context seccomp profile	`RuntimeDefault`
`containerPorts`	Array of additional container ports for the Nginx container	`[]`
`resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).	`none`
`resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`lifecycleHooks`	Optional lifecycleHooks for the COMPONENT___NAME container	`{}`
`startupProbe.enabled`	Enable startupProbe	`false`
`startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`30`
`startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`startupProbe.failureThreshold`	Failure threshold for startupProbe	`6`
`startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`livenessProbe.enabled`	Enable livenessProbe	`true`
`livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`30`
`livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`6`
`livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`readinessProbe.enabled`	Enable readinessProbe	`true`
`readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`readinessProbe.periodSeconds`	Period seconds for readinessProbe	`5`
`readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`3`
`readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`3`
`readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`autoscaling.enabled`	Enable autoscaling for COMPONENT___NAME deployment	`false`
`autoscaling.minReplicas`	Minimum number of replicas to scale back	`""`
`autoscaling.maxReplicas`	Maximum number of replicas to scale out	`""`
`autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`extraVolumes`	Array to add extra volumes	`[]`
`extraVolumeMounts`	Array to add extra mount	`[]`
`serviceAccount.create`	Enable creation of ServiceAccount for COMPONENT___NAME pod	`false`
`serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`serviceAccount.annotations`	Annotations for service account. Evaluated as a template.	`{}`
`serviceAccount.automountServiceAccountToken`	Auto-mount the service account token in the pod	`false`
`sidecars`	Sidecar parameters	`[]`
`sidecarSingleProcessNamespace`	Enable sharing the process namespace with sidecars	`false`
`initContainers`	Extra init containers	`[]`
`pdb.create`	Created a PodDisruptionBudget	`false`
`pdb.minAvailable`	Min number of pods that must still be available after the eviction.	`""`
`pdb.maxUnavailable`	Max number of pods that can be unavailable after the eviction.	`""`

Traffic Exposure parameters

Name	Description	Value
`service.type`	Service type	`ClusterIP`
`service.enabled`	whether the service object should be created for this component	`true`
`service.type`	Type of the Service port exposed	`ClusterIP`
`service.port`	Port Number of the service	`""`
`service.targetPort`	targetPort for the container where this service will route the traffic to	`""`
`service.portName`	Name of the Service's port -- should be same as targetPort	`""`
`service.protocol`	Type of the protocol for this service TCP or UDP	`TCP`
`service.nodePort`	Valid if the type is set to NodePort -- range 30000 to 32676	`""`
`service.clusterIP`	COMPONENT___NAME service Cluster IP	`""`
`service.extraPorts`	Extra ports to expose (normally used with the `sidecar` value)	`[]`
`service.sessionAffinity`	Session Affinity for Kubernetes service, can be "None" or "ClientIP"	`None`
`service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`service.annotations`	Service annotations	`{}`
`service.externalTrafficPolicy`	Enable client source IP preservation	`Cluster`
`networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`false`
`networkPolicy.allowExternal`	Don't require server label for connections	`true`
`networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true)	`[]`
`networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`ingress.enabled`	Set to true to enable ingress record generation	`true`
`ingress.pathType`	Ingress path type	`ImplementationSpecific`
`ingress.apiVersion`	Force Ingress API version (automatically detected if not set)	`""`
`ingress.hostname`	Default host for the ingress resource	`fqdn.com`
`ingress.path`	The Path to Nginx. You may need to set this to '/*' in order to use this with ALB ingress controllers.	`""`
`ingress.annotations`	Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.	`{}`
`ingress.ingressClassName`	Set the ingerssClassName on the ingress record for k8s 1.18+	`nginx`
`ingress.extraHosts`	The list of additional hostnames to be covered with this ingress record.	`[]`
`ingress.extraPaths`	Any additional arbitrary paths that may need to be added to the ingress under the main host.	`nil`
`ingress.tlsSecretName`	If you're providing your own certificates, please use this to add the certificates as secrets	`{{ .Values.global.ingressCertName }}`
`ingress.extraRules`	The list of additional rules to be added to this ingress record. Evaluated as a template

Add helm repository

CODE

helm repo add expertflow https://expertflow.github.io/charts/

update helm repo

CODE

helm repo update expertflow

Helm chart functional groups

CX helm charts are divided into functional groups.

Group	Description	Dependency
CX	serves the basic and core functionality of the CX Solution.	External Components
Web Channels	Provides CX enhancements for digital Channels	CX
AgentDesk	Provides separate deployment for customers where AgentDesk is optional	CX
Survey	Functional group provides Surveying Collaborations	CX
Campaigns	Functional group provides Campaigns Collaborations.	CX
Reporting	Reporting related to the CX	CX
Eleveo	Eleveo functional group	CX
CiscoScheduler	Cisco functional group	CX

Prepare for CX Deployment

Step 1: Clone the Expertflow CX repository

CODE

git clone -b CX-4.7  https://efcx:RecRpsuH34yqp56YRFUb@gitlab.expertflow.com/cim/cim-solution.git CX-4.7

CODE

cd CX-4.7/kubernetes

Step 2: Create Namespaces

Create a namespace expertflow for all Expertflow components

Run the following command on the control-plane node.

CODE

kubectl create namespace expertflow

Create a namespace ef-external for all the external elements of the Expertflow CX solution such as Mongo, Redis, MinIO, etc.

Run the following command on the control-plane node.

CODE

kubectl create namespace ef-external

Ingress Controller Selection

Default ingressClass is set to “nginx” in all helm charts' global section. if you prefer to use other ingress controller, please update the ingressClassName to appropriate value.
All helm charts served at expertflow helm repository ( CX groups/components and external components ) by default are compatible with ingress-nginx ingress controller using ingress-nginx annotations. Should there be requirement for any other ingress controller like traefik, HA-Proxy or contour etc, please adjust the annotations for all components accordingly. A coordinated guide for using Traefik as Ingress Controller is available for CX solution’s compatibility at Using Traefik as Ingress Controller

Add TLS Certificates

For Self Signed please use this guide Create self-signed certificates for ingress in both ef-external and expertflow namespaces
For Commercial Certificates, please import them as tls.crt and tls.key and create secret with the name of ef-ingress-tls-secret in both ef-external and expertflow namespaces
For LetsEncrypt based TLS Certificates please consult LetsEncrypt SSL for EF-CX

NOTE:

When using LE based TLS Certificates, you will have to enable correct annotations in all the relevant values file. For example, for CX, after downloading the <COMPONENT>-custom-values.yaml file, you can run

sed -i -e 's/#cert-manager.io\/cluster-issuer: /cert-manager.io\/cluster-issuer: /g' <COMPONENT>-custom-values.yaml to enable it.

This procedure is required for both externals and all CX group charts being deployed.

Step 3: Apply Image Pull secret

Run the following commands for applying ImagePullSecrets of Expertflow CX images.

CODE

kubectl apply -f pre-deployment/registryCredits/ef-imagePullSecret-ef-external.yaml

Create a directory to hold values files for all the helm charts.

CODE

mkdir helm-values

Custom Password Interpolations

Below are the interpolations when using custom or not-default password for mongodb, minio, redis, postgresql and activeMQ

Component with custom password	update required in
MongoDB	Update `CX -> values.yaml -> efConnectionVars -> MONGODB_PASSWORD`
PostgreSQL	Update `keycloak -> keycloak-custom-values.yaml -> externalDatabase -> password` Update `CX -> values.yaml -> license-manager -> extraEnvVars-> DB_PASS`
minio	Update `CX -> values.yaml -> file-engin -> extraEnvVars -> ACCESSKEY,SECRETKEY`
Redis	Update `CX -> values.yaml -> efConnectionVars ->` update `ActiveMQ -> active-custom-values.yaml -> extraEnvVars -> REDIS_PASSWORD`
keycloak	N/A
activeMQ	N/A

Setup SQL Database

Expertflow CX requires any of the following PostgreSQL for Expertflow CX deployment for storing configuration data.

If you are deploying external components with provided TLS certificates, you must run the following command before deployment:-

CODE

kubectl apply -f pre-deployment/static-tls

PostgreSQL RECOMMENDED

If you do not have PostgreSQL in your environment, create Config-Map of PostgreSQL to create necessary databases and preload it with bootstrap configurations.

CODE

kubectl -n ef-external  create configmap ef-postgresql-license-manager-cm --from-file=./pre-deployment/licensemanager/licensemanager.sql

download the values.yaml file locally to customize the parameter values.

CODE

helm show values expertflow/postgresql > helm-values/ef-postgresql-custom-values.yaml

Update the following values file helm-values/ef-postgresql-custom-values.yaml as mentioned below:-

CODE

auth:
  password: "<CHANGE_PASSWORD>"

Deploy the postgresql

BASH

helm upgrade --install=true --namespace=ef-external --values=helm-values/ef-postgresql-custom-values.yaml  ef-postgresql expertflow/postgresql

For managed Postgresql, see Using Managed PostgreSQL for configuring PostgreSQL for Expertflow CX.

Deploy CX External Components

Expertflow CX requires the following 3rd party components.

Redis	Key-Values based Caching engine, used by most of the EF-CX components.
MongoDB	NoSQL Database, maintains and serves as primary back store for EF-CX solution.
Minio	S3 compliant object storage.
KeyCloak	Realm based auth management tool.

You may use them from your existing environment or from a cloud provider .

Setup KeyCloak

Prerequisites

Before proceeding with the keycloak deployment, please update the backend database connection string parameters ( when using non-default passwords )

clone the values file and update the parameter values

CODE

helm show values expertflow/keycloak > helm-values/ef-keycloak-custom-values.yaml

edit helm-values/ef-keycloak-custom-values.yaml and update the password for postgresql database

CODE

global:
  ingressRouter: <DEFAULT-FQDN>
externalDatabase:
  password: "Expertflow123"

Default keycloak deployment uses postgresql running inside the same kubernetes cluster. When using managed postgresql database instance, update above parameters with relevant information

Keycloak Deployment

Keycloak is used as the centralized authentication and authorization component for Expertflow CX. Follow these steps to setup KeyCloak.

Now, deploy KeyCloak by running the following command

CODE

helm upgrade --install=true  --debug --namespace=ef-external  --values=helm-values/ef-keycloak-custom-values.yaml keycloak expertflow/keycloak

Check the KeyCloak installation status. You can check the status of deployment by using the following command:

CODE

kubectl -n ef-external rollout status sts keycloak

Setup MongoDB

Expertflow CX using MongoDB for storing all CX events, activities, and some configuration data as well.

Skip this step if you already have MongoDB in your environment that can be used by Expertflow CX. For using MongoDB from a managed environment, see Using Managed MongoDB for necessary configurations.

Clone the values file to update the parameter values

CODE

helm show values expertflow/mongodb > helm-values/ef-mongodb-custom-values.yaml

Update the following values file helm-values/ef-mongodb-custom-values.yaml as mentioned below

CODE

auth:
  rootPassword: "Expertflow123"

Deploy MongoDB by running the following command.

CODE

helm upgrade --install=true --namespace=ef-external --values=helm-values/ef-mongodb-custom-values.yaml mongo expertflow/mongodb

Check the MongoDB deployment status by running the following command:

CODE

kubectl -n ef-external rollout status sts mongo-mongodb

Setup MinIO as S3 Storage

Expertflow CX using MinIO for storing files exchanged between agents, customers, and/or bots. Install using Helm using following command:

Clone the values file for updating the parameter values

CODE

helm show values expertflow/minio > helm-values/ef-minio-custom-values.yaml

update the minio helm chart helm-values/ef-minio-custom-values.yaml files with the required ACCESSKEY and PASSKEY values

CODE

auth:
  rootUser: minioadmin
  rootPassword: "minioadmin"

Deploy the minio helm chart

CODE

helm upgrade --install=true --namespace=ef-external --values=helm-values/ef-minio-custom-values.yaml minio expertflow/minio

Wait for the minio deployment to get ready

CODE

kubectl -n ef-external  rollout status deployment  minio --timeout=5m

Digital Channel Icons Bootstrapping

proceed with icons bootstrapping.

CODE

kubectl apply -f scripts/minio-helper.yaml

CODE

kubectl -n ef-external --timeout=90s wait --for=condition=ready pod minio-helper

CODE

kubectl -n ef-external cp post-deployment/data/minio/bucket/default minio-helper:/tmp/

CODE

kubectl -n ef-external cp scripts/icon-helper.sh minio-helper:/tmp/

CODE

kubectl -n ef-external exec -it minio-helper -- /bin/sh /tmp/icon-helper.sh

CODE

kubectl delete -f scripts/minio-helper.yaml

Setup Redis

CX uses Redis for storing active system state of most of the CX objects.

Clone the values file to update the parameter values

CODE

helm show values expertflow/redis > helm-values/ef-redis-custom-values.yaml

Update the following values helm-values/ef-redis-custom-values.yaml as mentioned below:-

CODE

auth:
  password: "Expertflow123"  # Change this to match the requirements

Run the following command to deploy Redis.

CODE

helm upgrade --install=true  --namespace=ef-external --values=helm-values/ef-redis-custom-values.yaml  redis expertflow/redis

Setup ActiveMQ

clone the values file to update the parameters required

CODE

helm show values expertflow/activemq > helm-values/ef-activemq-custom-values.yaml

CODE

helm upgrade --install=true  --namespace=ef-external --values=helm-values/ef-activemq-custom-values.yaml activemq expertflow/activemq

CX

Transfer the Mongo and Redis Certificates from ef-external namespace

CODE

kubectl get secret mongo-mongodb-ca -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -
kubectl get secret redis-crt -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -
kubectl get secret ef-postgresql-crt -n ef-external  -o yaml | sed 's/namespace: ef-external/namespace: expertflow/' | kubectl create -f -

Apply Conversation Controller ConfigMaps

CODE

kubectl -n expertflow create configmap ef-conversation-controller-actions-cm --from-file=pre-deployment/conversation-Controller/actions
kubectl -n expertflow create configmap ef-conversation-controller-actions-utils-cm --from-file=pre-deployment/conversation-Controller/utils
kubectl -n expertflow create configmap ef-conversation-controller-actions-pycache-cm --from-file=pre-deployment/conversation-Controller/__pycache__

Apply ConfigMap to enable log masking for all components in expertflow namespace:-

CODE

kubectl apply -f pre-deployment/logback/
kubectl -n expertflow create configmap ef-logback-cm --from-file=pre-deployment/logback/logback-spring.xml

Customize the deployment by fetching the helm chart’s values file and edit it as per requirements.

CODE

helm show values expertflow/cx > helm-values/ef-cx-custom-values.yaml

Edit/update the values file helm-values/ef-cx-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Deploy the CX Core using default values.

CODE

helm upgrade --install --namespace expertflow --create-namespace   ef-cx  --debug --values helm-values/ef-cx-custom-values.yaml expertflow/cx

“ef-cx” in above command is the release name which will referenced in all subsequent functional groups' deployments.

check the status of CX components

CODE

kubectl -n expertflow get pods

CX AgentDesk

Setup default translation file for Agent Desk

CODE

kubectl -n expertflow  create configmap ef-app-translations-cm --from-file=pre-deployment/app-translations/unified-agent/i18n

Setup default canned messages translations file for Agent Desk

CODE

kubectl -n expertflow  create configmap ef-canned-messages-cm --from-file=pre-deployment/app-translations/unified-agent/canned-messages

Apply CRM ConfigMap for Agent Desk ( Option, only when Agent-Desk embedding in CRM is required )

CODE

kubectl -n expertflow create configmap ef-crm-service-cm --from-file=pre-deployment/crm-service/

Update the FQDN of the machine against url field in file post-deployment/config/grafana/supervisor-dashboards/datasource.yml

Apply the data-source manifest.

CODE

kubectl -n expertflow  create secret generic ef-grafana-datasource-secret --from-file=post-deployment/config/grafana/supervisor-dashboards/datasource.yml

Create the Dashboard configs for Grafana by applying the config-map manifest.

CODE

kubectl -n expertflow create cm ef-grafana-dashboard-provider-cm --from-file=post-deployment/config/grafana/supervisor-dashboards/dashboard.yml

For MySQL Server

Apply config-map for the MySQL supervisor and agent dashboard files using the steps below.

CODE

kubectl -n expertflow   create configmap ef-grafana-supervisor-dashboard-mysql --from-file=post-deployment/config/grafana/supervisor-dashboards/Supervisor_Dashboard_CIM-mysql.json

Add Agent Dashboard for MySQL

CODE

kubectl -n expertflow create configmap ef-grafana-agent-dashboard-mysql --from-file=post-deployment/config/grafana/supervisor-dashboards/Agent_Dashboard_CIM-mysql.json

For MSSQL Server

Apply config-map for the MSSQL supervisor dashboard files

CODE

kubectl -n expertflow create configmap ef-grafana-supervisor-dashboard-mssql  --from-file=post-deployment/config/grafana/supervisor-dashboards/Supervisor_Dashboard_CIM-mssql.json

Add config-map for agent dashboard MSSQL

CODE

kubectl  -n expertflow  create configmap ef-grafana-agent-dashboard-mssql --from-file=post-deployment/config/grafana/supervisor-dashboards/Agent_Dashboard_CIM-mssql.json

change these tags in helm-values/cx-agent-desk-custom-values.yaml for MSSQL Server Only in global section at the top of the file. ( downloaded in next step)

CODE

  efGrafanaSupervisorDashboardConfigMap: "ef-grafana-supervisor-dashboard-mssql"
  efGrafanaSupervisorDashboardFilename: "Supervisor_Dashboard_CIM-mssql.json"
  efGrafanaAgentDashboardConfigMap: "ef-grafana-agent-dashboard-mssql"
  efGrafanaAgentDashboardFilename: "Agent_Dashboard_CIM-mssql.json"

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/agent-desk > helm-values/cx-agent-desk-custom-values.yaml

Edit/update the values file helm-values/cx-agent-desk-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Install the AgentDesk using helm chart

CODE

helm upgrade --install --namespace expertflow   --set global.efCxReleaseName="ef-cx"  cx-agent-desk  --debug --values helm-values/cx-agent-desk-custom-values.yaml expertflow/agent-desk

CX Channels

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/channels > helm-values/cx-channels-custom-values.yaml

Edit/update the values file helm-values/cx-channels-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Deploy the Channels helm chart by

CODE

helm upgrade --install --namespace expertflow  --set global.efCxReleaseName="ef-cx"   --debug   cx-channels --values  helm-values/cx-channels-custom-values.yaml  expertflow/channels

CX Surveys

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/surveys  > helm-values/cx-surveys-custom-values.yaml

Edit/update the values file helm-values/cx-surveys-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Deploy the CX Surveys helm chart by

CODE

helm upgrade --install --namespace expertflow  --set global.efCxReleaseName="ef-cx"  cx-surveys  --debug --values helm-values/cx-surveys-custom-values.yaml expertflow/surveys

CX Campaigns

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/campaigns  > helm-values/cx-campaigns-custom-values.yaml

Edit/update the values file helm-values/cx-campaigns-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Deploy the CX Surveys helm chart by

CODE

helm upgrade --install --namespace expertflow   --set global.efCxReleaseName="ef-cx"  cx-campaigns --debug --values helm-values/cx-campaigns-custom-values.yaml expertflow/campaigns

CX Reporting

Configure TLS connection for MySQL

Get the MySQL key-store (.jsk) & certificate(.cert) files from customer. The .jsk file is required for configuration of the reporting connector, whereas the .cert file is required for Apache Superset SSL configuration. Skeleton Project (cim-solution) already contains the default .jks files in the keystore directory. Replace the mykeystore.jks file acquired from the customer in cim-solution/kubernetes/pre-deployment/reportingConnector/keystore/ directory.

Create keystore.jks used for MySQL TLS

CODE

kubectl create configmap -n expertflow ef-reporting-connector-keystore-cm --from-file=pre-deployment/reportingConnector/keystore/mykeystore.jks

Open the pre-deployment/reportingConnector/reporting-connector.conf and set the mysql_dbms_additional_params value as shown below.

CODE

mysql_dbms_additional_params=noDatetimeStringSync=true&useSSL=true&requireSSL=true&trustServerCertificate=true&clientCertificateKeyStoreUrl=file:///root/config/certs/mykeystore.jks&clientCertificateKeyStorePassword={KEYSTORE_PASSWORD}
 
# Replace the {KEYSTORE_PASSWORD} with your original keystore password. Use "changeit" in case of default password.

Reporting Connector Config-Map Setup

Create the the database in target Database Management System using the scripts from cim-solution/kubernetes/pre-deployment/reportingConnector/SQLScripts/dbcreation directory.

Update below parameters in the file pre-deployment/reportingConnector/reporting-connector.conf

Parameter	Requirement
fqdn	FQDN of the CX Solution
svc_name	k get svc -n expertflow \| grep historical http://ef-cx-historical-reports-svc.expertflow.svc:8081
browser_language	en or ar
connection_type	mysql or mssql
sql_dbms_server_ip	<IP>
sql_dbms_port	for mysql 3306 / for msql 1433
sql_dbms_username	<username>
sql_dbms_password	<password>
sql_database_name	<database name>

Apply configuration for Reporting-Connector

CODE

kubectl -n expertflow create configmap ef-reporting-connector-conf-cm --from-file=pre-deployment/reportingConnector/reporting-connector.conf

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/reporting > helm-values/cx-reporting-scheduler-custom-values.yaml

and deploy the Reporting Scheduler

CODE

helm upgrade --install --namespace expertflow --set global.efCxReleaseName="ef-cx"   cx-reporting --debug --values helm-values/cx-reporting-scheduler-custom-values.yaml  expertflow/reporting

CX Eleveo

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/eleveo  > helm-values/ef-cx-eleveo-custom-values.yaml

Edit/update the values file helm-values/cx-eleveo-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

deploy the eleveo

CODE

helm upgrade --install --namespace expertflow  --set global.efCxReleaseName="ef-cx"  cx-eleveo --debug --values helm-values/ef-cx-eleveo-custom-values.yaml  expertflow/eleveo

CX CiscoScheduler

Customize the deployment by fetching the values.yaml file and edit it as per requirements.

CODE

helm show values expertflow/cisco-scheduler  > helm-values/cx-cisco-scheduler-custom-values.yaml

Edit/update the values file helm-values/cx-cisco-scheduler-custom-values.yaml with

CODE

global:
  ingressRouter: <DEFAULT-FQDN>

Deploy the CiscoScheduler

CODE

helm upgrade --install --namespace expertflow   --set global.efCxReleaseName="ef-cx"  cx-ciscoscheduler --debug --values helm-values/cx-cisco-scheduler-custom-values.yaml expertflow/cisco-scheduler

Expertflow ETL

For Expertflow ETL deployment please refer to Expertflow ETL Deployment

Rasa-X deployment

Please refer to RASA-X Deployment using helm chart for deployment of Rasa-x AI Assistant.

Configurations

Import default keyCloak realm for essential KeyCloak resources, permissions, and authentication configurations.
If you intend to use Apache Superset for reporting, Deployment of Superset and Configure and import historical report templates to configure the Reporting solution.
For customer channel configuration, see customer channels.
For CX-Voice component deployment this guide.
For survey Keycloak Configuration Guide
For campaign Keycloak Configuration Guide