Cloud Services

Enterprise Marketplace

Proxy adapter setup for on-premises ITSM
Published On Oct 08, 2024 - 9:44 AM

Proxy adapter setup for on-premises ITSM

Setting up a proxy adapter to facilitate the communication between Kyndryl Modern Operations Applications and an on-premises ITSM system.
This page covers the setup of the proxy adapter in an on-premises environment to connect Kyndryl Modern Operations Applications and an on-premises ITSM system. For more information about onboarding ITSM systems, see Standard ITSM integration.

Prerequisites

Before you can set up the proxy adapter, your system must meet these prerequisites:
  • The Proxy Adapter host should be in same private network where the ITSM system is hosted.
  • Hardware requirements:
    • CPU – 2 vCPU
    • Memory – 4 GB
    • Disk – 100 GB
  • Gather the following information for your Kyndryl Modern Operations Applications configuration:
    • API keys for your user in Kyndryl Modern Operations Applications
    • Ensure that your user has the Tenant Admin role
    • Tenant information for Kyndryl Modern Operations Applications (tenant id, broker id)
  • A Docker registry login
  • Docker engine, Docker-Compose, and Curl must be preinstalled on the proxy adapter servers
  • root and SSH (passwordless) access to the proxy adapter servers

GitHub Repositories

Set up the proxy adapter

To set up the proxy adapter, complete the following steps.
The provider code of the ITSM should be used while configuring the proxy adapter.
  1. Generate the token by executing the
    ./generate_token.sh {token_name} {token}
     command, providing
    token_name
     and
    token
     as parameters. This command changes the following value in the
    ./util/generate-token/generate_token.sh
     file. 
    # tenant host URL
host="https://ibm.gravitant.net"
# Broker value Ex. mcmp:consume:service for Consume, mcmp:core:service for Core, or mcmp:actions:service for Actions
broker="mcmp:consume:service"
  2. Execute the
    create_tar.sh
     command to create a
    bundle.tar.gz
     tar bundle that contains all the Docker images. Production ready manifests can be found in the pipeline repository. Use only the latest manifests.
  3. Update the following values in the
    ./proxy-adapter-installer/config.sh
     file:
    • proxy_adapter_setup_type:
       Select the setup type, which can be
      websocket
       or
      nginx
      .
    • provider_code:
       Set the valid provider code such as
      vra
      ,
      tower
      , and so on.
    • proxy_id:
       UUID used to reference the proxy adapter.
    • host:
       Tenant-specific host such as
      ibm.gravitant.net
      .
    • application:
       Broker value such as
      mcmp:consume:service
       for Consume,
      mcmp:core:service
       for Core, or
      mcmp:actions:service
       for Actions. This value should match the broker ID used in step one.
    • protocol:
       The provider code.
    • ws_token_name:
       The token name, which should match the name used in step 1.
    • ws_token:
       The token value.
    • cleanup_proxies:
       Determines whether the system deletes registered proxies. Can be
      true
       or
      false
      .
    • unused_proxies:
       Provide your proxy IDs in a comma-separated list, such as
      proxy_id1,proxy_id2,proxy_id3
      .
    • vm_server_ip
       and
      vm_server_user:
       The VM server details where the proxy adapter will be installed.
    • proxy_image_name
       and
      proxy_port:
       Advanced configuration, such as
      na.artifactory.taas.kyndryl.net:443/ibmcb-docker-local/mcmp-generic-proxy-adapter:latest
      . Make sure to give proper version for image (e.g. release-2018.08.01) as per artifactory.
    • tenant_api_end_point:
       The host API URL.
    • wsmeshconnector_base_url:
       The URL for the mesh connector, which varies depending on the environment (consume or mcas). Example for vRA
      $tenant_api_end_point/wsmeshconnector
       and for MCAS
      $tenant_api_end_point/mcas/wsmeshconnector
      .
    • externalvaultenabled:
       Whether the system will use an external vault or not. Can be
      true
       or
      false
      .
    • cache_urls:
       Resource path patterns whose response can be cached in a comma-separated list.
    • swarm_mode_enabled:
       Whether to use swarm configuration. Can be
      true
       or
      false
      .
  4. Run the
    setup.sh
     command.
After you have set up the proxy adapter, run the following checks:
  1. Check the docker ps: 
    $ docker ps | grep proxy-adapter
10acfaf1f117   na.artifactory.taas.kyndryl.net:443/ibmcb-docker-local/mcmp-generic-proxy-adapter:latest "node app.js" 21 seconds ago Up 20 seconds mcmp-generic-proxy-adapter-tower-3333
  2. Check the docker container logs: 
    $ docker logs 10acfaf1f117
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <INFO> (app.js:Object.<anonymous>:48) Proxy adapter running in web socket mode
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <INFO> (connectionHelper.js:Object.validateEnvironmentVariables:18) Validating the environment variable set
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <DEBUG> (connectionHelper.js:Object.getWSConnectionParams:44) Fetching ws connection params
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <DEBUG> (connection.js::52) Connecting to the WSMesh {"wsTokenName":"actionstoken","application":"actions","proxyId":"tower","host":"actions.gravitant.net","token":"********","protocol":"tower","wspath":"wss://actions.gravitant.net/api/wsmesh/v1/connect"}
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <INFO> (connection.js:WebSocketClient.<anonymous>:57) WSMesh connection established
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <INFO> (connectionHelper.js:Object.registerProxyAdapter:80) Registering proxy adapter with WSMesh
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <DEBUG> (connectionHelper.js:getWSRegisterMsg:59) Fetching ws registration message
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <DEBUG> (app.js:initWSApp:56) Connection response {"error":false,"message":"WSMesh connection established"}
Wed Jan 20 2021 11:34:14 AM GMT+0000 -     NA - <INFO> (app.js:Server.<anonymous>:59) Server started listening on port 3333 at Wed Jan 20 2021 11:34:14 GMT+0000 (Coordinated Universal Time)
Wed Jan 20 2021 11:34:44 AM GMT+0000 -     NA - <DEBUG> (connection.js:Timeout.connHeartbeat [as _onTimeout]:19) Inside connection heartbeat
Wed Jan 20 2021 11:34:44 AM GMT+0000 -     NA - <INFO> (connection.js:Timeout.connHeartbeat [as _onTimeout]:21) Connection is alive

Troubleshooting

The following are solutions for commonly encountered problems:
  • If the Kyndryl Modern Operations Applications calls are not able to reach the proxy adapter, ensure that allowedip (if mutual auth is enabled) contains the Kyndryl Modern Operations Applications IP address either as a static IP or as a subnet mask.
  • If the container stops, restart it to reestablish the web socket connection using the
    docker restart {container_id}
     command. The ID can be obtained using the
    docker ps
     command.
  • If the Kyndryl Modern Operations Applications calls are not able to reach the proxy adapter, check for errors in the
    cb-wsmesh-connector
     logs.
  • If you encounter any issues with the proxy adapter, capture the logs of the corresponding containers using the
    docker logs {container_id}
    command. The ID can be obtained using the
    docker ps
     command.
Do you have two minutes for a quick survey?
Take Survey