1. Oracle Communications Network Analytics Data Director User Guide
  2. Parameter Updates for OCNADD Microservices
  3. Upgrading Egress Gateway

Upgrading Egress Gateway

This section describes the procedure to update the following Egress Gateway components:
  • Egress Gateway Service image
  • HPA configuration
  • Egress Gateway Service parameters
Perform the following steps to update the following Egress Gateway components:
  1. Edit the following parameters in the values.yaml file of the Admin service helm charts at <chartpath>/charts/ocnaddadminsvc/values.yaml:

    Table 10-1 Egress Gateway Parameters

    Parameter Default Value Description
    OCNADD_CONSUMER_EGW_IMAGE ocnaddegressgateway:<tag> Egress Gateway Image including image URI.
    OCNADD_CONSUMER_EGW_IMAGE_PULLPOLICY IfNotPresent

    If imagePullPolicy is set to Always, Kubernetes will always pull the image from the Repository.

    ifimagePullPolicy is set to IfNotPresent, Kubernetes will only pull the image when it does not already exist on the node.

    If imagePullPolicy is set to Never, Kubernetes will never pull the image.

    OCNADD_CONSUMER_EGW_CPU_LIMIT 4 Resource request parameter of Egress Gateway CPU Limit. The CPU limit defines a hard ceiling on how much CPU time that the container can use. Before updating this parameter make sure it should not exceed total cpu assigned for per namespace resource qoutes.
    OCNADD_CONSUMER_EGW_CPU_REQUEST 4 Resource request parameter of Egress Gateway CPU REQUEST, it must be less than equal to CPU LIMIT. The CPU request typically defines a weighting.
    OCNADD_CONSUMER_EGW_MAX_REPLICA 16 Maximum Replicas of Egress gateway service for Horizontal Pod Scaling in Kubernetes.
    OCNADD_CONSUMER_EGW_MIN_REPLICA 1 Minimum Replicas of Egress gateway service for Horizontal Pod Scaling in Kubernetes.
    OCNADD_CONSUMER_EGW_MAX_SURGE 1 Amount of pods more than the desired number of Pods (At any time, the max number of pods = replica + maxsurge) during rolling update of Egress gateway.
    OCNADD_CONSUMER_EGW_MAX_UNAVAILABLE 0 Amount of pods that can be unavailable during the update process (At all time, the min number of pods = replica - maxUnavalilable) during rolling update of Egress gateway.
    OCNADD_CONSUMER_EGW_BOOTUP_MINREADYSEC 0

    The bootup time of your application, Kubernetes waits for specific time till the next pod creation to serve traffic.

    Note: If you leave this field empty, the service may be unavailable after the update process cause all the application pods are not ready yet.
    OCNADD_CONSUMER_EGW_AVG_CPU_UTIL 70 Egress gateway's Horizontal Pod Auto scaler will increase and decrease the number of replicas (by updating the Deployment) to maintain an average CPU utilization across all Pods.
    OCNADD_CONSUMER_EGW_POD_SCALE_DOWN 1 Egress gateway's Horizontal Pod Auto scaler automatically scaled the number of replicas back down to this value if load decreases.
    OCNADD_CONSUMER_EGW_POD_SCALE_DOWN_PERIOD 30 The Pod's termination grace period countdown begins before the PreStop hook is executed.
    OCNADD_CONSUMER_EGW_MAX_RETRY_ATTEMPTS 0 RETRY customer filter used in Egress gateway, In this configuration the request will be retried only when there is a connection exception.
    ADMINSVC_SSL_ENABLED false To make Egress gateway as a server SSL enabled. (Egress gateway act as a server for consumer adapter service)
    OCNADD_CLIENT_SSL false To enable communication over HTTPS between Egress gateway (as client) and other services (as server).
    OCNADD_CLIENT_SSL_TS_ENABLED true If True, Egress gateway will be using Trust Store to verify server's certificates. Else accept all certificates of the external services in Egress gateway.
    OCNADD_CLIENT_SSL_HANDSHAKE_TIMEOUT 40 A timeout is associated with SSL handshake which is initiated by Egress gateway over HTTPS.
    OCNADD_CLIENT_SSL_CLOSE_NOTIFY_FLUSH 20 close_notify flush timeout is associated with SSL handshake which is initiated by Egress gateway over HTTPS.
    OCNADD_CLIENT_SSL_CLOSE_NOTIFY_READ 20 close_notify read timeout is associated with SSL handshake which is initiated by Egress gateway over HTTPS.
    OCNADD_CONSUMER_EGW_HTTP_CLIENT_POOL_MAX_IDLE 40 Time in millisecond after which the channel will be closed. If NULL, there is no max idle time.
    OCNADD_CONSUMER_EGW_HTTP_CLIENT_POOL_MAX_CONN 200 Only for type FIXED, the maximum number of connections before starting pending acquisition on existing ones.
    OCNADD_CONSUMER_EGW_HTTP_CLIENT_CONNECT_TIMEOUT 3000 The connect timeout in millisecond.
    OCNADD_CONSUMER_EGW_HTTP_CLIENT_RESPONSE_TIMEOUT 8s The response timeout in millisecond.
    EGW_MIN_EXPECTED_VALUE_LATENCY_MS 50 The minimum value (lower bound on histogram) that micrometer is expected to observe the latency when request reaches Egress gateway and forwarded to the server.
    EGW_MAX_EXPECTED_VALUE_LATENCY_MS 50 The maximum value (upper bound on histogram) that micrometer is expected to observe the latency when request reaches Egress gateway and forwarded to the server.
    EGW_MIN_EXPECTED_VALUE_ETE_LATENCY_MS 50 The minimum value (lower bound on histogram) that micrometer is expected to observe the end-to-end latency for OCNADD from producer request timestamp.
    EGW_MAX_EXPECTED_VALUE_ETE_LATENCY_MS 50 The maximum value (upper bound on histogram) that micrometer is expected to observe the end-to-end latency for OCNADD from producer request timestamp.
  2. Run the following command to apply the changes:
    helm upgrade <release_name> <helm_chart> --set global.env.admin.OCNADD_EGW_UPGRADE_ENABLE=true -n <namespace-name>
  3. Run the following command to check the pod status:
    watch kubectl get po -n <namespace-name>

    All the pods must be in running state.

  4. To verify the updated parameters, run the following command: 
    kubectl describe po <egw-pod-name> -n <namespace-name>