We're planning to migrate our VM appliance based gateway to container based gateway using Openshift.
We have some custom config defined in /opt/SecureSpan/Gateway/runtime/etc/profile.d/ssgruntimedefs.sh especially around the use of corporate proxy,:
### begin of what Need to be Added into helm chart
default_java_opts="$default_java_opts -Dhttp.proxyHost=<proxy.example.com>"
default_java_opts="$default_java_opts -Dhttp.proxyPort=9000"
default_java_opts="$default_java_opts -Dhttps.proxyHost=<proxy.example.com>"
default_java_opts="$default_java_opts -Dhttps.proxyPort=9000"
# per https://domain.service-now.com/nav_to.do?uri=%2Fkb_view.do%3Fsys_kb_id%3D966ab2780f515200c817a218b1050e7d
default_java_opts="$default_java_opts -Dhttps.nonProxyHosts=\"127.0.0.0/8|10.0.0.0/10|10.0.0.0/8|172.16.0.0/12|192.168.0.0/16|\""
### end CHG1588092
- could you please let us know where these values would need to be configured under the helm values.yaml chart ?
Would that be under javaArgs: ?
Release : 11.0
yes, under javaArgs: in the helm chart.
Do you need to configure corporate proxy this way :
javaArgs:
- -Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
- -Dcom.l7tech.server.audit.message.saveToInternal=true
- -Dcom.l7tech.server.audit.admin.saveToInternal=true
- -Dcom.l7tech.server.audit.system.saveToInternal=true
- -Dcom.l7tech.server.audit.log.format=json
- -Djava.util.logging.config.file=/opt/SecureSpan/Gateway/node/default/etc/conf/log-override.properties
- -Dcom.l7tech.server.pkix.useDefaultTrustAnchors=true
- -Dcom.l7tech.security.ssl.hostAllowWildcard=true
- -Dhttp.proxyHost=<proxy.example.com>
- -Dhttp.proxyPort=9000
- -Dhttps.proxyHost=<proxy.example.com>
- -Dhttps.proxyPort=9000
- -Dhttps.nonProxyHosts=127.0.0.0/8|10.0.0.0/10|10.0.0.0/8|172.16.0.0/12|192.168.0.0/16
**** if those are where proxy is configured then the format should be fine
** For env variables - they can be added to existingSecret (or see link below) :
https://github.com/CAAPIM/apim-charts/blob/stable/charts/gateway/values.yaml#L628-L631