Common tasks

The sections provides information about common tasks that users and administrators may need to perform to manage SD Elements.

Helm

  • List all deployed charts:

    helm list

Kubernetes

  • List all SDE Pods:

    $ kubectl get pods
sde-1578433057-broker-b698dfcfb-55rnk                 1/1     Running       1          6d
sde-1578433057-cache-84fd48b88-4qsgl                  1/1     Running       1          6d
sde-1578433057-database-5c5fdf76d-jqzm6               1/1     Running       1          6d
sde-1578433057-mail-6977f6dfd-ln55j                   1/1     Running       1          6d
sde-1578433057-web-6c4d548c7d-bzjw9                   1/1     Running       1          6d
sde-1578433057-worker-10-7ddc88d5c-qlwdf              1/1     Running       5          6d
sde-1578433057-worker-15-sde-medium-c9bff4dbd-spkmc   1/1     Running       1          6d
sde-1578433057-worker-17-6754875844-gfkwk             1/1     Running       3          6d
sde-1578433057-worker-18-sde-low-6dfcf68c4d-98t54     1/1     Running       1          6d

  • Retreive pod logs:

    # Syntax
kubectl logs pod/<POD_NAME>
# Example
kubectl logs pod/sde-1578433057-broker-b698dfcfb-55rnk

  • Retrieve superuser login username:

    kubectl describe pods | grep 'SDE_SUPERUSER:' | sort -u

  • Retrieve superuser login password:

    # Syntax
kubectl get secrets "<HELM_RELEASE_NAME>-sde-secrets" --output jsonpath='{.data.SDE_SUPERUSER_PASSWORD}' | base64 -d
# Example
kubectl get secrets "prod-sde-secrets" --output jsonpath='{.data.SDE_SUPERUSER_PASSWORD}' | base64 -d

Change a container SSL certificate to a trusted certificate

These instructions apply to the certificate that web browsers use to validate a web connection.

Steps:

  1. Navigate to values.yaml on your local machine.

  2. Uncomment tlsCertificatePath and change it to the path of your pem file on your local machine.

  3. Repeat the previous step for tlsKeyPath.

  4. Uncomment tlsCiphers and tlsProtocols.

  5. Upgrade helm as described here.

    ## Certificate and encryption options
#tlsCertificatePath: files-static/myServerCert.pem
#tlsKeyPath: files-static/myServerKey.pem
#tlsCiphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
#tlsProtocols: "TLSv1 TLSv1.1 TLSv1.2"
Note
 SD Elements containers have a list of trusted Certificate Authorities built into their operating systems. Since these containers do not run as root, the list cannot be updated. If the certificate used by your integration server isn’t backed by a root Certificate Authority already in the certificate store, select the option to not validate TLS in your integration connection (LDAP synchronization or global issue tracker).

results matching ""

    No results matching ""