10 Parameter Updates for OCNADD Microservices

The following sections describe the procedure to update the container images of consumer adapter and egress gateway services by updating the admin service yaml file.

Note:

There could be a potential data loss during parameter modification. Hence, any such activity must be planned in a maintenance window.

10.1 Enabling Egress Annotation

To enable Egress Annotation for OCNADD traffic to be routed outside the cluster, enable the parameter ocnaddadminsvc.ocnadd.admin.env.OCNADD_EGRESS_NETWORK_ENABLE to true in the ocnadd-custom-values.yaml file.

Update the following Helm parameters based on the network:

Table 10-1 Egress Annotation Parameters

Name Data Type Range Default Value Mandatory (M)/Optional (O)/Conditional (C) Description
OCNADD_EGRESS_NETWORK_KEY String - oracle.com.cnc/egress-network O Annotation for egress network support
OCNADD_EGRESS_NETWORK_NAME_VALUE String - oam O Name of the egress network configured in the CNE cluster
OCNADD_EGRESS_NETWORK_TYPE String - oracle.com.cnc O Type of Oracle Network
OCNADD_CNC_ENABLE String - true O Enable oracle.com.cnc network

10.2 Update Consumer Adapter

This section describes the procedure to update the following Consumer Adapter components:
  • Egress Adapter Service image
  • HPA configuration
  • Egress Adapter Service parameters
  • Load distribution algorithm through the parameter "ADAPTER_CORRID_LB_WITHOUT_LF_ENABLED"
Perform the following steps to update the following Consumer Adapter components:
  1. Edit the following parameters of ocnaddadminsvc environment variables in the ocnadd-custom-values.yaml file

    Table 10-2 Parameters in Consumer Adapter

    Parameters Data Type Range Default Values Mandatory(M)/Optional(O)/Conditional(C) Description
    ADAPTER_CORRID_LB_WITHOUT_LF_ENABLED Boolean True or False True M

    This parameter defines the behavior of the load distribution algorithm.

    If the value is "true", the messages with the same Correlation ID are sent to the same destination endpoint without considering the load factor.

    If the value is "false", the messages with same Correlation ID are sent to the same destination endpoint based on the load factor. In this case the compute resource requirement will be significantly higher and some fluctuation in Egress MPS is observed.
    OCNADD_ADAPTER_LOG_LEVEL_NETTY STRING - INFO O Netty log level
    OCNADD_ADAPTER_LOG_LEVEL STRING - INFO O Adapter service log level
    logging.level.com.oracle.cgbu.cne.ocnadd STRING - INFO O Logging level for OCNADD services
    logging.level.com.oracle.cgbu.cne.ocdd STRING - INFO O Logging level for Common OCNADD services
    OCNADD_ADAPTER_MIN_REPLICAS INTEGER - 2 M Minimum Replicas for Adapter
    OCNADD_ADAPTER_MAX_REPLICAS_TCP INTEGER   2 M Maximum Replicas for Adapter (TCP Connection)
    OCNADD_ADAPTER_MAX_REPLICAS INTEGER - 8 M Maximum Replicas for Adapter
    MAX_TCP_CONNECTION_PER_DEST INTEGER - 6 M Maximum allowed TCP connection per destination
    ADAPTER_KAFKA_FETCH_MAX_BYTES INTEGER - 576720 O The maximum amount of data the server should return for a fetch request
    ADAPTER_KAFKA_MAX_PARTITION_FETCH_BYTES INTEGER - 104857 O The maximum amount of data per-partition the server will return
    ADAPTER_KAFKA_FETCH_MAX_WAIT_MS INTEGER - 40 O The maximum amount of time the server will block before answering the fetch request
    ADAPTER_KAFKA_SESSION_TIME_OUT INTEGER - 15000 O The timeout used to detect client failures when using Kafka’s group management facility
    ADAPTER_KAFKA_HEARTBEAT_INTERVAL_MS INTEGER - 5000 O The expected time between heartbeats to the consumer coordinator when using Kafka’s group management facilities
    ADAPTER_KAFKA_MAX_POLL_INTERVAL_MS INTEGER - 30000 O The maximum delay between invocations of poll () when using consumer group management
    ADAPTER_KAFKA_MAX_POLL_RECORDS INTEGER - 1500 O The maximum number of records returned in a single call to poll()
    ADAPTER_KAFKA_COMMIT_INT_CONFIG INTEGER - 30 O The frequency in milliseconds that the consumer offsets are committed to Kafka
    ADAPTER_KAFKA_NUM_THREADS_CONFIG INTEGER - 9 O The number of threads to execute stream processing
    ADAPTER_KAFKA_CONSUMER_POLL_MS INTEGER - 30 O The amount of time in milliseconds to block waiting for input
    ADAPTER_KAFKA_RECEIVE_BUFFER_BYTES INTEGER - 104857 M The size of the TCP receive buffer (SO_RCVBUF) to use when reading data.
    ADAPTER_WEBCLIENT_TYPE STRING - netty M Webclient Type for Adapter Service
    OCNADD_ADAPTER_USE_TS BOOLEAN true/false true M Parameter to enable trustore use for Adapter
    OCNADD_ADAPTER_SERVER_SSL BOOLEAN true/false false M Enable Server SSL for Adapter
    EGRESS_MAX_CONNECTION_POOL_COUNT INTEGER - 100 O Max number of connections per connection pool
    EGRESS_SSL_HANDSHAKE_TIMEOUT INTEGER - 40 O SSL handshake timeout
    EGRESS_SSL_CLOSE_NOTIFY_FLUSH_TIMEOUT INTEGER - 20 O HttpClient Notify Flush timeout
    EGRESS_SSL_CLOSE_NOTIFY_READ_TIMEOUT INTEGER - 20 O HttpClient Notify Read timeout
    EGRESS_CLIENT_MAX_INMEMORY INTEGER - 12 O Webclient Max In Memory in Mb
    EGRESS_JETTY_MAX_CONNECTION_PER_DESTINATION INTEGER - 12 O Jetty Max Connection per Destination
    EGRESS_JETTY_MAX_REQUEST_PER_DESTINATION INTEGER - 1000 O Jetty Max Request per Destination
    EGRESS_JETTY_CLIENT_IDLE_TIMEOUT INTEGER - 300000 O Jetty client IDLE timeout
    EGRESS_JETTY_CLIENT_CONNECT_BLOCKING BOOLEAN true/false false O Jetty Client Connection Block Enable
    EGRESS_JETTY_CLIENT_CONNECT_TIMEOUT INTEGER - 120000 O Jetty Client Connection Timeout
    EGRESS_JETTY_CLIENT_STREAM_IDLE_TIMEOUT INTEGER - 300000 O Jetty Client Stream IDLE timeout
    EGRESS_JETTY_CLIENT_MAX_CONCURR_PUSHED_STREAM INTEGER - 12 O Jetty HTTP2 client max concurrent pushed stream
    ADAPTER_TCP_CLIENT_MSG_RETRY_MAX_ATTEMPTS INTEGER - 10 O Max TCP message retry
    ADAPTER_TCP_CLIENT_MSG_RETRY_DELAY INTEGER - 50 O TCP Message retry delay
    ENABLE_ADAPTER_COUNTER_METRICS BOOLEAN true/false true O Enable Adapter Counter Metric
    ENABLE_ADAPTER_LATENCY_METRICS BOOLEAN true/false true O Enable Adapter Latency Metric
  2. Run the following command to apply the changes:
    >  helm upgrade <release_name> -f ocnadd-custom-values.yaml --set global.env.admin.OCNADD_ADAPTER_UPGRADE_ENABLE=true -n <namespace-name>
  3. Run the following command to check the pod status:
    watch kubectl get po -n <namespace-name>

    All the pods must be in running state.

  4. To verify the updated parameters, run the following command: 
    kubectl describe po <adapter-pod-name> -n <namespace-name>
  5. After Adapter has been successfully upgraded, run the following command:
     >  helm upgrade <release_name> -f ocnadd-custom-values.yaml --set global.env.admin.OCNADD_ADAPTER_UPGRADE_ENABLE=false -n <namespace-name>

10.3 Renew SSL certificates for OCNADD Services

The renewal of SSL certificate is required when the certificates for OCNADD services get expired or reaches the expiry date.

To renew the certificates:
  1. Regenerate the CSR, private key, and secrets for the OCNADD services using the CA certificate and CA key.

    For more information about the certificates, see the Customer Provided CACert and CAKey in the Configure SSL or TLS Certificate section of Oracle Communications Network Analytics Data Director Installation Guide.

  2. Enter y for the Would you like to delete existing demoCA folder? (y/n command.
  3. Get the statefulsets for OCNADD services using the following command:
    kubectl get statefulset-n <namespace-name>
  4. Trigger rolling update for aforementioned services which are listed as statefulsets using following command:
    kubectl rollout restart statefulset <STATEFULSET-NAME> -n <namespace-name>
  5. Get the deployment for OCNADD services by running the following command:
    kubectl get deployment -n <namespace-name>
  6. Trigger rolling update for these services using the following command:
    kubectl rollout restart deployment <DEPLOYMENT-NAME> -n <namespace-name>