1. Transaction Manager for Microservices Developer Guide
  2. Install on a Kubernetes Cluster
  3. Configure the values.yaml File
  4. Istio Details

4.2.5 Istio Details

If you are using an Istio service mesh, provide details about the Istio ingress gateway that you have set up in the values.yaml file.

Skip providing values for the properties mentioned in the following table if you aren't using an Istio service mesh. Instead provide a value for the property. For example, otmm-tcs-otmm.apps-crc.testenv.

Before you begin, ensure that you have set up and configured Istio. See Install the Required Software for Kubernetes.

Property Description
ingressHostName

Enter the name of the OpenShift ingress host. For example, otmm-tcs-otmm.apps-crc.testing. Use this property only if you want to deploy MicroTx in OpenShift platform. Refer to the values.yaml file, the Helm Charts available in the installation_directory/otmm-RELEASE/otmm/helmcharts/tmm-istio-openshift folder.

This sets up a FQDN that is resolvable and it configures an ingress resource and route to the specified OpenShift ingress host. See https://docs.openshift.com/container-platform/4.14/rest_api/network_apis/ingress-networking-k8s-io-v1.html#spec-rules-2.

istioSystemNameSpace The namespace in which you have installed Istio. The default namespace is istio-system. If you have installed Istio in another namespace, run the following command to find all the namespaces in the cluster.
kubectl get ns
istioIngressGateway.name Enter the name of the Istio ingress gateway that you have created. For example, ingressgateway. To find the name of the Istio ingress gateway, run the following command and from the response note down the value for the istio label.
kubectl describe service/istio-ingressgateway -n istio-system
istioIngressGateway.tlsEnabled Set this to true to enable access to the service using the HTTPS protocol. When you set this to true, you must provide details of the Kubernetes secret that contains the SSL key and certificate to access Istio using HTTPS.

Note:

You must set this value to true in production environments.
istioIngressGateway.credentialName You must specify a value for this property if tlsEnabled is set to true. Enter the name of the Kubernetes secret that you have created to enable access to Istio using the HTTPS protocol. See Create a Kubernetes Secret with SSL Details for Istio. For example, tls-credential.
istioIngressGateway.hosts Enter the external IP Address of Istio ingress gateway or the name of the hosts. If you are using a load balancer or have multiple hosts, enter a comma-separeated list of host names or IP addresses. See Find IP Address of Istio Ingress Gateway.

Sample Property Values for Istio

The following code snippet provides sample property values for Istio.

istioSystemNameSpace: istio-system
istioIngressGateway:
  name: ingressgateway
  tlsEnabled: "true"
  credentialName: tls-credential
  hosts: 192.0.2.1

Parent topic: Configure the values.yaml File