AC Express: Customer Onboarding Process

Table of Contents:

1 1. Credentials and Network Setup
2 2. Prerequisite Software Installation
3 3. Database Configuration
4 4. YAML and Cluster Setup
5 5. Helm and Adeptia Connect Installation
6 6. NGINX and Ingress Setup
7 7. EAR Setup and License Deployment
8 8. Environment Configuration
9 9. Monitoring and Backup Setup
10 10. Velero Backup Configuration
11 11. Generative AI Configuration
12 Summary

Customer Onboarding Process

1. Credentials and Network Setup

Verify Bastion Credentials:
- Once you receive the Bastion from Connectria, log in and verify the credentials.
Network Security Configuration:
- Allow Adeptia office IP in the virtual machine network security group inbound rules.

2. Prerequisite Software Installation

Download Prerequisites:
- Download required software from Google Drive (ACExpress pre-required software).
Install Software:
- Install all required software on the Bastion.
Install CLI for Windows:
- Open PowerShell and run the following command to install Chocolatey:
  Copy code
  Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

Note: To deploy from your laptop, you must have administrative rights to install the Command Line Interface (CLI), Helm, and Chocolatey (choco).

Typically, the MST team will configure these tools and provide remote access for login and deployment. In this scenario, you will not need to configure the CLI, Helm, and Chocolatey yourself.

3. Database Configuration

Database Setup:
- Create the connection from the workbench.
- Verify the DB user provided by Connectria.
- Create the database and users. Example command:
  Copy code
  create user '<<customer_name>>productionuser'@'%' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON <<customer_name>>_backend.* TO '<<customer_name>>productionuser'@'%' WITH GRANT OPTION;

For Example:

acsSittrainingbackend and acsSittraininglogs are the two databases created.
acsSituser is the user created with full privileges over these two databases, and they can grant these privileges to others.

Using MySQL Workbench to create two databases and a user, along with granting that user privileges to the databases. Here's the breakdown:

Database Creation:
- acsSittrainingbackend: A database named acsSittrainingbackend is being created.
- acsSittraininglogs: Another database named acsSittraininglogs is being created.
User Creation:
- A user named acsSituser is being created with the password 'password'. The SQL command for this is:
  create user 'acsSituser'@'%' IDENTIFIED BY 'password';
The @'%' part indicates that this user can connect from any host (% is a wildcard for any IP).
Granting Privileges:
- The user acsSituser is being granted all privileges on the acsSittrainingbackend and acsSittraininglogs databases with the GRANT OPTION. This means the user can perform any action on these databases and also grant the same privileges to other users. The commands used are:
  GRANT ALL PRIVILEGES ON acsSittrainingbackend.* TO 'acsSituser'@'%' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON acsSittraininglogs.* TO 'acsSituser'@'%' WITH GRANT OPTION;
- These commands provide the user acsSituser full control over both databases, including the ability to read, write, update, delete data, and manage the structure.

Using MySQL Workbench to create two databases and a user, along with granting that user privileges to the databases. Here's the breakdown:

Database Creation:
- acsSittrainingbackend: A database named acsSittrainingbackend is being created.
- acsSittraininglogs: Another database named acsSittraininglogs is being created.
User Creation:
- A user named acsSituser is being created with the password 'password'. The SQL command for this is:
  create user 'acsSituser'@'%' IDENTIFIED BY 'password';
The @'%' part indicates that this user can connect from any host (% is a wildcard for any IP).
Granting Privileges:
- The user acsSituser is being granted all privileges on the acsSittrainingbackend and acsSittraininglogs databases with the GRANT OPTION. This means the user can perform any action on these databases and also grant the same privileges to other users. The commands used are:
- These commands provide the user acsSituser full control over both databases, including the ability to read, write, update, delete data, and manage the structure.

4. YAML and Cluster Setup

Prepare YAML Configuration:
- Prepare the YAML file as per the client’s license and details provided via email.
- How to access YAML file - Currently the YAML file is taken from product team and placed at shared location as shown in image below

Note: Create a copy of ACExpress folder with other name and then edit the YAML files to input details

Update YAML File by changing the Env screat to update database and AIMap Backend update

Update backend and log details and set static, migration cleanup job to “True”

AKS Cluster Setup:
- Add the Bastion IP in the AKS cluster network security settings.

5. Helm and Adeptia Connect Installation

Install Helm:
- Install Helm in the Bastion:
  Copy code
  choco install kubernetes-helm
Disable SSL Setting:
- Disable the SSL setting from the database server.

Install Adeptia Connect:
- Install Adeptia Connect using Helm (Follow Adeptia documentation) :
  Copy code
  helm install <<release name>> <<adeptia connect helmcharts path>>/ --timeout 10m --debug -n <<namespace>>

6. NGINX and Ingress Setup

Install NGINX:
- Download NGINX v9.3.32 and apply the ingress rules:
  Copy code
  kubectl apply -f ingress.yaml

7. EAR Setup and License Deployment

Once a secret is created, update the ingress.yaml file to apply the ingress rules.

Create EAR Folder:
- Create an EAR folder in the shared path and place the EAR file.

Deploy the Latest License:
- Deploy the latest license provided by the support team and restart the license microservice. (Shared Drive)

8. Environment Configuration

Configure Client Environment:
- Log in to the environment and configure the following:
  - EAR Settings
  - SMTP Configuration
  - AI MAP Settings
  - Logging Level (Set to Error)
  - Application Password: Default password is changeit.

EmailID : donotreply@adeptia.com

Password: (refer) myglu

9. Monitoring and Backup Setup

Install EFK:
- Download and install the EFK stack:
  Copy code
  helm install efk efk-stack/ -n logs
- After EFK installation is completed create the secret and apply the ingress rule

Install Grafana:
- Download and install Grafana using Helm:
- Extract the zip file and run the below command from the following folder
  Copy code
  helm install grafana-prometheus kube-prometheus-stack -n monitoring

Once grafana is installed create the secret and apply the ingress rule
Apply the ingress yaml file with below changes
Remove the s from the HTTP and provide the ingress release name

10. Velero Backup Configuration

Velero Backup Configuration:
- Create a namespace velero and a container in Azure Blob Storage.

Install Velero using the command:
Copy code
velero install --provider azure --plugins velero/velero-plugin-for-microsoft-azure:v1.5.0 --bucket <<BLOB_CONTAINER>> --secret-file <<file path>>/credentials-velero.txt
Create credentials-velero.txt using below lines: (Note: you can get the details from MST Team)

Use the below command to install the velero

OR

11. Generative AI Configuration

Generative AI Configuration:
- Go to Account > Settings > Microservice Settings > AIMap and configure AI settings.

Summary

he AC Express installation process involves several stages to ensure a smooth setup. First, you begin by verifying the Bastion credentials provided by Connectria and configuring network security to allow Adeptia's office IP in the virtual machine’s security group. Once this is set up, the required software is downloaded from Google Drive and installed on the Bastion, including installing the CLI for Windows using Chocolatey.

Next, the database is set up by creating the necessary databases and users with the appropriate privileges. After that, the YAML configuration is prepared based on client-specific details, and the Bastion IP is added to the AKS cluster network security. Once these steps are completed, Helm is installed on the Bastion, SSL settings on the database server are disabled, and Adeptia Connect is installed using Helm.

Following the Helm installation, NGINX v9.3.32 is installed, and ingress rules are applied. An EAR folder is created in the shared path, the EAR file is uploaded, and the latest license provided by the support team is deployed. The environment is then configured, which includes enabling EAR settings, setting up SMTP, enabling the AI MAP feature, and adjusting the logging level.

For monitoring and backup, the EFK stack is installed for log management, and Grafana is installed with Prometheus for monitoring. Additionally, Velero is set up for backup, using Azure Blob Storage as the storage location. Finally, the setup is completed by configuring the AI Map properties for generative AI functionality within the system, ensuring all components are properly integrated and configured. This process ensures a fully functional AC Express system, ready for use.

Managed Service Knowledge Base