1. Cloud Native Installation and Administration Guide
  2. About Integrating Offline Mediation Controller REST Services Manager with Cloud Native

5 About Integrating Offline Mediation Controller REST Services Manager with Cloud Native

You can integrate an external application with Oracle Communications Offline Mediation Controller cloud native by using Offline Mediation Controller REST Services Manager (RSM).

Topics in this document:

About Offline Mediation Controller REST Services Manager

The Offline Mediation Controller REST Services Manager (RSM) allows you to perform the same operations as the NMShell application using external client applications. For example, it allows your external application to do the following in Offline Mediation Controller:
  • Manage Nodes
  • Manage Node Managers
  • Retrieve a list of node chains
  • Compile and save the NPL rules file
  • Export node configurations and customizations

About Offline Mediation Controller REST Services Manager (RSM) Cloud Native Architecture

Figure 5-1 shows all the components of the Offline Mediation Controller REST Services Manager (RSM) cloud native architecture.

Figure 5-1 Offline Mediation Controller REST Services Manager (RSM) Cloud Native Architecture


Description of Figure 5-1 follows
Description of "Figure 5-1 Offline Mediation Controller REST Services Manager (RSM) Cloud Native Architecture"

The components in this figure include:
  • RSM Deployment: The primary deployment of RSM with all the necessary components and configurations.
  • RSM HTTP and HTTPS Service: This service exposes RSM to ports, allowing access to RSM through HTTP and HTTPS protocols.
  • Validator ConfigMap: There is a unique ConfigMap for each market segment.
  • RSM App ConfigMap: The ConfigMap contains the application.yaml file, which holds the configurations required to initiate the RSM server.
  • RSM Logging ConfigMap: The ConfigMap holds the log4j2.yaml file, encompassing logging-related configurations.
  • Admin Server Keystore Secret: This secret contains the administration server KeyStore file in a Base64-encoded format.
  • RSM HTTPS TLS Secret: This secret contains the HTTPS TLS store utilized by RSM when the HTTPS protocol is enabled.
  • RSM App Secret: This secret contains all confidential information necessary to launch the RSM server.
  • vol-external: This is an optional PV reference. RSM will incorporate it only if the flag rsm.pvc.ocomcExternal.enabled in the override-values.yaml file is set to true. When enabled, the RSM will share the vol-external PV of the OCOMC core deployment. It is mandatory to enable this flag if the node chain solution includes cartridges containing sensitive information such as FTP or database passwords.
  • rsm-vol-external: This PV is optional and can be enabled by setting the flag rsm.pvc.external.enabled to true in the values.yaml file. When enabled, the RSM will load custom cartridges from the specified PV into the classpath. The source directory for it can be configured in the override-values.yaml file.

Installing Offline Mediation Controller REST Services Manager

The Offline Mediation Controller REST Services Manager can be installed along with core Offline Mediation Controller components using a unified Helm chart.

To install Offline Mediation Controller REST Services:
  1. Configure and install all required third-party software. See "Setting Up Prerequisite Software".
  2. Configure the Offline Mediation Controller server and REST Services Manager connection. See "Configuring the Offline Mediation Controller Core and REST Services Manager Connection".
  3. Configure the RSM server. See "Configuring the REST Services Manager (RSM) Server".
  4. Load custom validators. See "Configuring and Loading Custom Validators".
  5. Deploy Offline Mediation Controller REST Services Manager. See "Deploying Offline Mediation Controller Services".

Setting Up Prerequisite Software

As part of preparing your environment for Offline Mediation Controller RSM, you install and set up various components and services in ways that are best suited for your cloud native environment. The following shows the high-level prerequisite tasks for deploying Offline Mediation Controller RSM:
  1. Ensure that you have downloaded the latest software that is compatible with Offline Mediation Controller cloud native. See "Offline Mediation Controller Cloud Native System Requirements" in Offline Mediation Controller Compatibility Matrix.
  2. Ensure that your environment setup is complete. See "Setting Up Your Environment".
  3. Download the Offline Mediation Controller cloud native Helm chart. See "Downloading Packages for the Offline Mediation Controller Cloud Native Helm Charts".

Configuring the Offline Mediation Controller Core and REST Services Manager Connection

To configure the Offline Mediation Controller core and REST Services Manager connection:
  1. In your override-values.yaml file for oc-cn-ocomc, set the following keys:
    • ocomcRSM.rsm.adminServerConnection.hostname: Specify the hostname where the Offline Mediation Controller Admin Server is running.
    • ocomcRSM.rsm.adminServerConnection.port: Specify the port where Offline Mediation Controller Admin Server listens.
  2. If Offline Mediation Controller core uses SSL, do the following:
    1. Copy your adminClientTruststore.jks file from the vol-keystore PV of Offline Mediation Controller core to the oc-cn-ocomc/rsm/ocomc-rsm-keystore directory.
    2. In your override-values.yaml file, set the following keys:
      • ocomcRSM.rsm.adminServerConnection.ssl.enabled: Set this key to true. This enables SSL between REST Services Manager and the Admin Server.
      • ocomcRSM.rsm.adminServerConnection.ssl.keystoreName: Specify the name of your KeyStore file, such as adminClientTruststore.jks.
  3. If authentication is enabled for Offline Mediation Controller core, set the following keys in your override-values.yaml file:
    • ocomcRSM.rsm.adminServerConnection.username: Specify the user name for logging in to the Admin Server.
    • ocomcRSM.rsm.adminServerConnection.password: Specify the password for logging in to the Admin Server.

Configuring the REST Services Manager (RSM) Server

To configure the Offline Mediation Controller RSM Server:
  1. Enable HTTPS in RSM by doing the following:
    1. Copy your generated .p12 KeyStore file to the RSM Helm chart directory (oc-cn-ocomc/charts/oc-cn-ocomc-rsm/ocomc-rsm-keystore).
    2. Set the following keys in your override-values.yaml file for oc-cn-ocomc:
      • ocomcRSM.rsm.https.enabled: Set this to true.
      • ocomcRSM.rsm.https.ketsotreName: Specify the name of the KeyStore file with the extension.
      • ocomcRSM.rsm.https.keystorePassPhrase: Specify the KeyStore passphrase.
  2. Expose RSM through a NodePort by setting the following keys in your override-values.yaml file:
    • ocomcRSM.rsm.service.type: Set this to NodePort.
    • ocomcRSM.rsm.service.nodePort: Specify the port number.
    • ocomcRSM.rsm.https.service.nodePort: If the HTTPS port is enabled, specify the port for exposing the HTTPS port outside the cluster.
  3. Enable Oracle Access Management Auth by setting the following keys in your override-values.yaml file:
    1. ocomcRSM.rsm.security.provider: Set this to OAM.
    2. ocomcRSM.rsm.security.configuration.oam: Fill in the Oracle Access Management and Oracle Unified Directory configuration details.
  4. Set the log levels to the appropriate level in the ocomcRSM.rsm.logging.packagingLogging keys in your override-values.yaml file.

Configuring and Loading Custom Validators

In Offline Mediation Controller REST Services Manager, you can configure custom validators.

To load custom validators:
  1. Enable custom validators for Offline Mediation Controller RSM. In your override-values.yaml file for oc-cn-ocomc, set the ocomcRSM.rsm.customisation.nodeConfigValidator.validators.enabled key to true.
  2. Create a subdirectory within the RSM Helm chart directory (oc-cn-ocomc-rsm/ocomc-rsm-validator) with the name of the market segment for the validator. For example, create a directory named oc-cn-ocomc-rsm/ocomc-rsm-validator/my-market.
  3. Copy the validator YAML files into the directory created in the previous step.
  4. In your override-values.yaml file, set the ocomcRSM.rsm.customisation.nodeConfigValidator.validators.marketSegments key to a list of supported market segments.

About the Offline Mediation Controller REST Services Manager Keys

Table 5-1 lists the keys that directly impact Offline Mediation Controller REST Services Manager. Add these keys to your override-values.yaml file with the same path hierarchy.

Table 5-1 Offline Mediation Controller REST Services Manager Keys

Key Path in values.yaml file Description

imagePullSecrets

 -

The location of your imagePullSecrets, which stores the credentials (or Secret) for accessing your private Docker registry.

name

ocomcRSM.rsm

The name to use for the deployment. The final name of the deployment is derived using the name provided.

fullname

ocomcRSM.rsm

The final name of the deployment to use. This would be used for the deployment without any modification.

replicas

ocomcRSM.rsm

The total number of RSM pods to run in the deployment.

restartCount

ocomcRSM.rsm

Tracks the number of restarts. To restart the pods, increment the value by 1 and run the helm upgrade command.

annotations

ocomcRSM.rsm

The custom annotations to add to the deployment (should be a key-value pair).

additionalLabels

ocomcRSM.rsm

The custom labels to add to the deployment (should be a key-value pair).

nodeSelectors

ocomcRSM.rsm

The node selector to use for the deployment.

imageRepository

ocomcRSM.rsm.container

The repository from where the RSM image can be pulled.

Note: The repository URI should not end with a trailing slash.

imagePullPolicy

ocomcRSM.rsm.container

The image pull policy to use for the deployment. The default value is IfNotPresent, which specifies not to pull the image if it's already present. Applicable values are IfNotPresent and Always.

image

ocomcRSM.rsm.container

The RSM image name and tag concatenated with a colon (:). Ensure to align with the RSM image version to be deployed.

enabled

ocomcRSM.rsm.https

Whether RSM should run with HTTPS.

keystoreName

ocomcRSM.rsm.https

The KeyStore file name with its extension to use for HTTPS. The file must be present in the oc-cn-ocomc-rsm/ocomc-rsm-keystore directory.

keystorePassPhrase

ocomcRSM.rsm.https

The passphrase for the HTTPS KeyStore file.

service.nodePort

ocomcRSM.rsm.https

The node port to use for HTTPS service. This would be used when the service type of RSM is set to NodePort.

hostname

ocomcRSM.rsm.adminServerConnection

The host name for accessing the admin server.

port

ocomcRSM.rsm.adminServerConnection

The port at which the admin server is listening on.

username

ocomcRSM.rsm.adminServerConnection

The user name to use for logging into the admin server.

password

ocomcRSM.rsm.adminServerConnection

The password for the specified user to use during login.

ssl.enabled

ocomcRSM.rsm.adminServerConnection

Whether Offline Mediation Controller core is SSL enabled.

ssl.keystoreName

ocomcRSM.rsm.adminServerConnection

If Offline Mediation Controller Core is SSL enabled, specify the admin-server TrustStore file name, including its extension, to use during the connection to the admin server.

The file must be present in the oc-cn-ocomc-rsm/ocomc-rsm-keystore directory. By default, the TrustStore in Offline Mediation Controller core can be copied from OMC_home/config/GUI/adminClientTruststore.jks.

testNodeChain.enabled

ocomcRSM.rsm

Whether node chain testing is enabled (true) or not (false). The default is false.

ocomcExternal.enabled

ocomcRSM.rsm.pvc

Whether RSM shares the same external PV of the Offline Mediation Controller core.

Enabling this is mandatory when RSM is involved in creating node chain solutions involving cartridges with sensitive password information (FTP or database passwords). The mount path is /app/volumes/ocomc-ext.

ocomcExternal.name

ocomcRSM.rsm.pvc

The name of the external volume in Offline Mediation Controller Core.

external.enabled

ocomcRSM.rsm.pvc

Whether to create an external PV for RSM. The mount path is /app/volumes/ext.

external.name

ocomcRSM.rsm.pvc

The name for RSM's external volume.

external.accessModes

ocomcRSM.rsm.pvc

The access mode to use for RSM's external PV.

external.storage

ocomcRSM.rsm.pvc

The storage to use for the RSM's external PV.

name

ocomcRSM.rsm.storageClass

The storage class to use if RSM's external PV is enabled.

cartridgeFolder

ocomcRSM.rsm.configEnv

The directory path where RSM retrieves and loads cartridges from.

nodeTypeMapper.enabled

ocomcRSM.rsm.customisation

Whether to load custom nodeMappers into RSM. The content of the file needs to be added to oc-cn-ocomc-rsm/templates/configmap-nodetypemapper.yaml.

nodeConfigValidator.enableCache

ocomcRSM.rsm.customisation

Whether caching should be enabled to the Node Config Validator.

nodeConfigValidator.validators.enabled

ocomcRSM.rsm.customisation

Whether to load custom validators into RSM.

nodeConfigValidator.validators.marketSegments

ocomcRSM.rsm.customisation

The list of market segments of the validators to load. The name must map to a directory in the oc-cn-ocomc-rsm/ocomc-rsm-validator directory.

nodeTypeMetadata.enabled

ocomcRSM.rsm.customisation

Whether to load custom node type metadata files into RSM.

nodeTypeMetadata.marketSegments

ocomcRSM.rsm.customisation

The list of market segments of the metadata node to load. The name must map to a directory in the oc-cn-ocomc-rsm/ocomc-rsm-metadata directory.

additional labels

ocomcRSM.rsm.service

The custom labels to add for the service.

additionalAnnotation

ocomcRSM.rsm.service

The custom annotations to add for the deployment.

service.type

ocomcRSM.rsm.service

The Kubernetes service type to use.

nodePort

ocomcRSM.rsm.service

The NodePort that RSM should be exposed to, if service type is set to NodePort.

provider

ocomcRSM.rsm.security

The security provider for user authentication.

clientId

ocomcRSM.rsm.security.configuration.oam

The Oracle Access Management (OAM) application client ID.

clientSecret

ocomcRSM.rsm.security.configuration.oam

The OAM application client secret.

tokenEndpointUri

ocomcRSM.rsm.security.configuration.oam

The OAM token endpoint URI.

authorizationEndpointUri

ocomcRSM.rsm.security.configuration.oam

The OAM authorization endpoint URI.

introspectEndpointUri

ocomcRSM.rsm.security.configuration.oam

The OAM introspect endpoint URI.

oauthIdentityDomainName

ocomcRSM.rsm.security.configuration.oam

The OAM client's identity domain name.

oudHostName

ocomcRSM.rsm.security.configuration.oam

The Oracle Unified Directory (OUD) server's host name.

oudAdminUserName

ocomcRSM.rsm.security.configuration.oam

The OUD server's administration user name.

oudAdminUserPassword

ocomcRSM.rsm.security.configuration.oam

The OUD server's administration user password.

oudHttpPort

ocomcRSM.rsm.security.configuration.oam

The OUD HTTP port.

oudHttpsPort

ocomcRSM.rsm.security.configuration.oam

The OUD HTTPS port.

oudUsersBaseDn

ocomcRSM.rsm.security.configuration.oam

The user's base DN in OUD.

oudGroupsBaseDn

ocomcRSM.rsm.security.configuration.oam

The group's base DN in OUD.

jvmOpts

ocomcRSM.rsm

The required JVM configuration for RSM.

terminationGracePeriodSeconds

ocomcRSM.rsm

The termination grace period for the pod. This is optional.

format.type

ocomcRSM.rsm.logging

The logging layout to use. The value should be a supported log4j logging layout.

format.pattern

ocomcRSM.rsm.logging

The logging pattern to use.

rootLevel

ocomcRSM.rsm.logging

The RSM's root logging level.

packageLogging

ocomcRSM.rsm.logging

The logging levels specific to individual packages.