agility-docs

External access

Agility needs access to the following public endpoints in order to work

External service	Protocol/Port	External host (IP/subnet)
iad.ocir.io	`HTTPS tcp/443`	https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json </br> ‘.regions[] \| select(.region==”us-ashburn-1”) \| .cidrs[].cidr’
central-monitoring.b-yond.com	`HTTPS tcp/443`
AWS S3 us-west-2	`HTTPS tcp/443`	https://ip-ranges.amazonaws.com/ip-ranges.json </br> ‘.prefixes[] \| select(.service==”S3” and .region==”us-west-2”) .ip_prefix’

HTTP Proxy configuration

If the network where AGILITY is running requires an HTTP proxy setup to access Internet, follow these instructions:

Deploy the AGILITY application chart

Create an override values file (options available in the AGILITY chart):
```
 cd agility-charts
 vi agility-values-overrides.yaml
```
Update cv.httpProxy options
```
 cv:
   httpProxy:
     httpProxy: <http://example.com:3128>
     httpsProxy: <http://example.com:3128>
     noProxy: <10.0.0.0/8,172.16.0.0/12,192.168.0.0/16>
```
- httpProxy: HTTP Proxy setting, with URL format. Regular expression: ^https?:\/\/.+$.
- httpsProxy: HTTPS Proxy setting, with URL format. Regular expression: ^https?:\/\/.+$.
- noProxy: No Proxy setting, comma separated list of network addresses and/or domain names.
Run the Helm command to deploy AGILITY:
```
 helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
```
Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

Disable remote monitoring (central-monitoring.b-yond.com) and data report (AWS bucket)

AGILITY sends anonymous usage data collection to B-Yond. This can be disabled following these instructions:

Deploy the AGILITY application chart

Create an override values file (options available in the AGILITY chart):

 cd agility-charts
 vi agility-values-overrides.yaml

Update cv.agilityOpenTelemetry.settings.remote.enabled and cv.settings.sharePcapInformation options

 cv:
   settings:
     sharePcapInformation: false
   agilityOpenTelemetry:
     settings:
       remote:
         enabled: false

Run the Helm command to deploy AGILITY:
```
 helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
```
Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

Enable customer monitoring

AGILITY can send metrics to a compliant Open Telemetry collector.

Create an override values file (options available in the AGILITY chart):
```
 cd agility-charts
 vi agility-values-overrides.yaml
```
Update cv.agilityOpenTelemetry.settings.customer options
```
 cv:
   agilityOpenTelemetry:
     settings:
       customer:
         enabled: true
         endpoint: <customer-endpoint>
         tlsInsecure: false
         tlsSecret:
           name: <customer-kubernetes-secret>
         useHttps: true
```
Complete based on the following options:
- enabled: <boolean> -required-
  - Enables a customer to route Agility data to a compliant Open Telemetry collector. Default value: false
- endpoint: <string> -required-
  - URL Endpoint where to send OpenTelemetry data. If useHttps is true, ensure to match the following pattern: ^https?:\/\/.+$. For example: https://example.com. If useHttps is false, ensure to match the following pattern: ^.*:[0-9]+$. For example: example.com:4317
- tlsInsecure: <boolean>
  - Do not validate TLS certificate
- tlsSecret: <Object>
  - The secret containing the Certificates and Key to encrypt OpenTelemetry traffic will need to contain the TLS certificate, TLS key and TLS certificate authority with the data keys set to tls.crt, tls.key and tls.ca, respectively. It will then be mounted as a volume projection to the ‘/tmp/oteltls’ directory. For more information on Kubernetes secret projections, please see https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths. NOTE: If tlsInsecure is true, this value will be ignored.
- useHttps: <boolean>
  - Use HTTPS protocol instead of gRPC protocol. Default value: true
Run the Helm command to deploy AGILITY:
```
 helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml
```
Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.