7. Deploying Open Integration using SCM
You can now deploy Open Integration using the infrastructure resources that you created using the configuration files stored in customer Git. This step initiates the deployment of the Open Integration services.
Optionally, you can set up the Coherence server for Open Integration by configuring the
coherence section in the payload. You can deploy a new Coherence
server or use your existing Coherence server during the Open Integration deployment.
In the deployment request, reference the registered git_id, the target
Git branch, the target directory, the uploaded keystore and truststore file paths, and
the required Coherence settings.
You can deploy Open Integration using the /openintegration API
endpoint:
- Method: POST
- Endpoint:
/openintegration - Description: Initiates the deployment of Open Integration using the infrastructure resources and configuration files created in the earlier steps. It creates the Open Integration deployment, generates GitOps resources, creates runtime secrets, runs the image-builder job, and deploys the runtime.
- Sample payload for:
- Deploying Open Integration:
{ "name": "openint1", "infra_id": "7OZMKQ", "openintegration": { "git": { "git_id": "<git_id>", "git_openint_branch": "<customer-branch>", "git_openint_directory": "<customer-openint-directory>" }, "siebel_server_keystore_file_path": "/home/opc/siebel/siebelkeystore.jks", "siebel_client_keystore_file_path": "/home/opc/siebel/siebelkeystore_client.jks", "siebel_truststore_file_path": "/home/opc/siebel/siebeltruststore.jks", "siebel_server_keystore_password": "server", "siebel_truststore_password": "siebel", "siebel_client_keystore_password": "client" } } - Deploying Open Integration with a new Coherence
server:
{ "name": "openint1", "infra_id": "7OZMKQ", "openintegration": { "git": { "git_id": "<git_id>", "git_openint_branch": "<customer-branch>", "git_openint_directory": "<customer-openint-directory>" }, "siebel_server_keystore_file_path": "/home/opc/siebel/siebelkeystore.jks", "siebel_client_keystore_file_path": "/home/opc/siebel/siebelkeystore_client.jks", "siebel_truststore_file_path": "/home/opc/siebel/siebeltruststore.jks", "siebel_server_keystore_password": "server", "siebel_truststore_password": "siebel", "siebel_client_keystore_password": "client" }, "coherence": { "use_existing": false, "coherence_cluster_name": "siebelcache", "enable_tls": "true" } } - Deploying Open Integration using an existing Coherence
server:
{ "name": "openint1", "infra_id": "7OZMKQ", "openintegration": { "git": { "git_id": "<git_id>", "git_openint_branch": "<customer-branch>", "git_openint_directory": "<customer-openint-directory>" }, "siebel_server_keystore_file_path": "/home/opc/siebel/siebelkeystore.jks", "siebel_client_keystore_file_path": "/home/opc/siebel/siebelkeystore_client.jks", "siebel_truststore_file_path": "/home/opc/siebel/siebeltruststore.jks", "siebel_server_keystore_password": "server", "siebel_truststore_password": "siebel", "siebel_client_keystore_password": "client" }, "coherence": { "coherence_cluster_name": "siebelcache", "use_existing": true, "wka_endpoint": "siebelcache.openint1.svc.cluster.local" } }
Optional Security Context
You can optionally specify the
security_contextsection at the top level of the infrastructure provisioning payload when infrastructure resources and operators must run with custom non-root user ID and group ID. For example:{ "name": "<openint_name>", "infra_id": "<infra_id>", "security_context": { “run_as_user”: <uid>, "run_as_group": <gid>, "fs_group": <fs_group_id> } }Note: This is a separate Open Integration configuration. Include it explicitly even if the infrastructure provisioning payload also contains asecurity_contextsection.The specified values are applied to the following Open Integration resources:
- Open Integration image builder
- Open Integration application workloads
- Coherence chart resources
If you specify
security_context, you must provide all three parameters:run_as_userrun_as_groupfs_group
On OpenShift,
run_as_usermust be within the range specified by theopenshift.io/sa.scc.uid-rangenamespace annotation. Thefs_groupvalue must be the first ID in the range specified by theopenshift.io/sa.scc.supplemental-groupsnamespace annotation.To determine valid values, inspect the namespace annotations and select a user ID from the
uid-rangeannotation and the first group ID from thesupplemental-groupsannotation. - Deploying Open Integration:
- Sample API call
request:
POST https://<SCM_instance_IP>:<port_num>/scm/api/v1.0/openintegration Authorization: Basic Auth Content-Type: application/json - Sample response:
{ "data": { "deploy_id": "<deploy_id>", "deploy_status": "creation-in-progress", "infra_id": "<infra_id>", "name": "openint1", "namespace": "openint1", "openintegration": { "git": { "git_id": "<git_id>", "git_openint_branch": "<customer-branch>", "git_openint_directory": "<customer-openint-directory>" }, "siebel_server_keystore_file_path": "/home/opc/siebel/siebelkeystore.jks", "siebel_client_keystore_file_path": "/home/opc/siebel/siebelkeystore_client.jks", "siebel_truststore_file_path": "/home/opc/siebel/siebeltruststore.jks", "siebel_server_keystore_password": "server", "siebel_truststore_password": "siebel", "siebel_client_keystore_password": "client" }, "stages": [ { "name": "Pre Deploy", "stage_name": "pre_deploy", "status": "" }, { "name": "Prepare GitOps", "stage_name": "prepare_gitops", "status": "" }, { "name": "Flux Setup", "stage_name": "flux_setup", "status": "" } ] }, "message": "success", "status": "success" }