RRS Container

Summary

Deploys an embedded web server to handle API requests invoked by users in CAT-RCKMS.

Attributes

Parameter

Value

Type

Primary

Name

rckms-reports-service

Image

rckms-reports-service

Image Pull Policy

Always

Command

Arguments

Port

8080

Security Context

Allow Privilege Escalation: false

Endpoints

External-to-Cluster

This container does have external-to-cluster exposed endpoints.

Generate All Concepts & Value Sets Report

POST /all-concepts-value-sets/generate

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Content-Type*

String

Should be set to application/json; charset=utf-8.

Get All Conditions Report

GET /all-conditions

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get All Jurisdictions Status Report

GET /all-jurisdictions-status

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get Metadata for All Concepts & Value Sets Report

GET /all-concepts-value-sets

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get All Concepts & Value Sets Report

GET /all-concepts-value-sets/{{reference}}

Path Parameters

Name

Type

Description

{{reference}}*

String

latest will return most recent version of report. Alternatively, provide a report UUID to fetch that specific instance.

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Internal

Liveness Probe

GET /__probes/liveness

Refer to the Kubernetes Documentation for more information on probes.

{
    // Response
}

{
    // Response
}

Readiness Probe

GET /__probes/readiness

Refer to the Kubernetes Documentation for more information on probes.

{
    // Response
}

{
    // Response
}

Environment Variables

All environment variables, unless otherwise indicated, are considered required.

General Variables

NODE_ENV

When set to production, optimizes runtime performance.

Accepted Values

default
production

PORT

Controls which port the embedded web server is bound to.

Accepted Values

8080 default

Postgres Database Connectivity

DB_SCHEMA_NAMESPACE Optional

Explicitly define the schema to interact against for table-based queries.

If no value is provided, uses the Postgres user's search_path to resolve schema-to-table hierarchy.

Accepted Values

default
A non-default public or "$user" schema name.

PG_DB_HOST

Define hostname of the Postgres database instance to connect to.

Accepted Values

Any valid Postgres database hostname or IP address.

PG_DB_PORT

Define Postgres database instance port.

Accepted Values

Typically 5432, the standard Postgres port.

PG_DB_NAME

Define Postgres instance database name to connect to.

Accepted Values

Any Postgres database, e.g. cdsfw_prod or rckms_staging.

Due to differences in database implementations between AIMS environments, the following Postgres user accounts should be used in MTS and RRS connections:

AIMS Production: rckms
AIMS Onboard: rckms
AIMS PRR: rckms_prr

PG_DB_USER

Define Postgres database username to authenticate with.

Accepted Values

Any Postgres username value.

PG_DB_PASS Secret

Define Postgres database password to authenticate with.

Accepted Values

The password for the user specified in PG_DB_USER.

Knowledge Module Storage Bucket Connectivity

To make storage of reports easier for operators, reports are stored in a separate directory than knowledge modules, enabling the sharing of a single bucket per environment.

STORAGE_PROVIDER

Toggles the underlying Cloud Platform SDK libraries used for connectivity and CRUD operations on the defined cloud storage bucket.

Accepted Values

aws default
gcp

CLOUD_STORAGE_BUCKET_NAME

Defines the bucket name/connection URI for the target Knowledge Module storage bucket resource.

Accepted Values

A valid platform connection URI or bucket name per SDK guidance. For Google Cloud Storage buckets, omit the gs:// prefix, and leverage GKE Workload Identity for permitting read and write operations. For AWS S3 buckets, ensure that an AWS_PROFILE or Pod service account workload identity is configured properly for read and write operations.

Intra-mesh Connectivity

CAT_BASE_URI

Define the URI for CAT-RCKMS application for this environment. Used in generating notifications in the Middle Tier Service (MTS).

Accepted Values

Any valid URL, including protocol, hostname, and path. For example, https://rckms-prod-authoring.aimsplatform.com/ or https://mirror.rckms.dev/cat/ would be considered acceptable values.

MTS_RS_CORE_URI

Define the Kubernetes Service endpoint for MTS "Core" classified interactions.

Accepted Values

Any valid URL, including protocol, hostname, port (optionally inferred by protocol), and path. For example, http://mts.prd.svc.cluster.local:80/mts-rs-core would be considered an acceptable value for a service resource named mts, in the prd namespace, with a service port of 80 and a path value of mts-rs-core.

MTS_APP

Specify which MTS "application" to authenticate against.

Accepted Values

CAT is the only acceptable value.

MTS_USERNAME

Define RCKMS CAT user username to authenticate against MTS with.

Accepted Values

Any RCKMS CAT username value, but typically set to admin.

MTS_PASSWORD Secret

Define RCKMS CAT user password to authenticate against MTS with.

Accepted Values

The password for the user specified in MTS_USERNAME.

Logging Level Configuration

LOGGING_LEVEL Optional

Accepted Values

debug Verbose logging. Useful for triaging.
info default Standard logging output.
warn Outputs log events classified as warnings or higher.
error Outputs log events classified as errors or higher.
fatal Only fatal, typically uncaught exceptions will be logged.
silent Disables all logging output.
trace Extremely verbose logging.

Sentry Configuration

SENTRY_DSN Optional

Enables Sentry error reporting and application performance monitoring.

If no value is provided, disables Sentry functionality.

Accepted Values

default
A valid Sentry DSN URL

SENTRY_ENVIRONMENT Optional

Additional metadata to enrich errors and metrics captured by Sentry.

Accepted Values

Any string value, preferably the name of the environment this workload is operating.

SENTRY_RELEASE Optional

Additional metadata to enrich errors and metrics captured by Sentry.

Accepted Values

Any string value, preferably the commit short SHA1 or container tag/version.

Probes

Liveness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /__/probes/liveness
Port: 8080 (must match container port)

Timings

Initial Delay of 15s
Period of 60s
Timeout of 5s

Thresholds

1 Successes
3 Failures

Readiness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /__/probes/readiness
Port: 8080 (must match container port)

Timings

Initial Delay of 15s
Period of 15s
Timeout of 5s

Thresholds

1 Successes
3 Failures

Startup

This container does not utilize startup probes.

Resources

CPU (in millicores)

RAM (in MiB)

Storage (in GiB)

500

768

N/A

Technology Stack

Container uses Alpine Linux base image from the official Node repository, targeting the Node 14 LTS variant. Deploys an ExpressJS web server for routing requests.

Volume Mounts

This container does not mount any volumes.

Workload Identity

This container requires a Pod Service Account with the following role(s):

Cloud SQL Client / AWS RDS Client User
Google Cloud Storage / AWS S3 Bucket Maintainer
Google Cloud Storage / AWS S3 Bucket Object Creator
Google Cloud Storage / AWS S3 Bucket Object Editor

Code Owners

PreviousRRS NextSS

Last updated 2 years ago

RRS Container

Summary

Deploys an embedded web server to handle API requests invoked by users in CAT-RCKMS.

Attributes

Parameter

Value

Type

Primary

Name

rckms-reports-service

Image

rckms-reports-service

Image Pull Policy

Always

Command

Arguments

Port

8080

Security Context

Allow Privilege Escalation: false

Endpoints

External-to-Cluster

This container does have external-to-cluster exposed endpoints.

Generate All Concepts & Value Sets Report

POST /all-concepts-value-sets/generate

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Content-Type*

String

Should be set to application/json; charset=utf-8.

Get All Conditions Report

GET /all-conditions

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get All Jurisdictions Status Report

GET /all-jurisdictions-status

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get Metadata for All Concepts & Value Sets Report

GET /all-concepts-value-sets

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Get All Concepts & Value Sets Report

GET /all-concepts-value-sets/{{reference}}

Path Parameters

Name

Type

Description

{{reference}}*

String

latest will return most recent version of report. Alternatively, provide a report UUID to fetch that specific instance.

Headers

Name

Type

Description

X-Cat-Session*

String

Provide a valid CAT-RCKMS (provisioned by MTS) SessionID token.

Internal

Liveness Probe

GET /__probes/liveness

Refer to the Kubernetes Documentation for more information on probes.

{
    // Response
}

{
    // Response
}

Readiness Probe

GET /__probes/readiness

Refer to the Kubernetes Documentation for more information on probes.

{
    // Response
}

{
    // Response
}

Environment Variables

All environment variables, unless otherwise indicated, are considered required.

General Variables

NODE_ENV

When set to production, optimizes runtime performance.

Accepted Values

default
production

PORT

Controls which port the embedded web server is bound to.

Accepted Values

8080 default
Any numerical value. Should match the value of Port parameter in .

Postgres Database Connectivity

DB_SCHEMA_NAMESPACE Optional

Explicitly define the schema to interact against for table-based queries.

If no value is provided, uses the Postgres user's search_path to resolve schema-to-table hierarchy.

Accepted Values

default
A non-default public or "$user" schema name.

PG_DB_HOST

Define hostname of the Postgres database instance to connect to.

Accepted Values

Any valid Postgres database hostname or IP address.

PG_DB_PORT

Define Postgres database instance port.

Accepted Values

Typically 5432, the standard Postgres port.

PG_DB_NAME

Define Postgres instance database name to connect to.

Accepted Values

Any Postgres database, e.g. cdsfw_prod or rckms_staging.

Due to differences in database implementations between AIMS environments, the following Postgres user accounts should be used in MTS and RRS connections:

AIMS Production: rckms
AIMS Onboard: rckms
AIMS PRR: rckms_prr

PG_DB_USER

Define Postgres database username to authenticate with.

Accepted Values

Any Postgres username value.

PG_DB_PASS Secret

Define Postgres database password to authenticate with.

Accepted Values

The password for the user specified in PG_DB_USER.

Knowledge Module Storage Bucket Connectivity

To make storage of reports easier for operators, reports are stored in a separate directory than knowledge modules, enabling the sharing of a single bucket per environment.

STORAGE_PROVIDER

Toggles the underlying Cloud Platform SDK libraries used for connectivity and CRUD operations on the defined cloud storage bucket.

Accepted Values

aws default
gcp

CLOUD_STORAGE_BUCKET_NAME

Defines the bucket name/connection URI for the target Knowledge Module storage bucket resource.

Accepted Values

A valid platform connection URI or bucket name per SDK guidance. For Google Cloud Storage buckets, omit the gs:// prefix, and leverage GKE Workload Identity for permitting read and write operations. For AWS S3 buckets, ensure that an AWS_PROFILE or Pod service account workload identity is configured properly for read and write operations.

Intra-mesh Connectivity

CAT_BASE_URI

Define the URI for CAT-RCKMS application for this environment. Used in generating notifications in the Middle Tier Service (MTS).

Accepted Values

Any valid URL, including protocol, hostname, and path. For example, https://rckms-prod-authoring.aimsplatform.com/ or https://mirror.rckms.dev/cat/ would be considered acceptable values.

MTS_RS_CORE_URI

Define the Kubernetes Service endpoint for MTS "Core" classified interactions.

Accepted Values

Any valid URL, including protocol, hostname, port (optionally inferred by protocol), and path. For example, http://mts.prd.svc.cluster.local:80/mts-rs-core would be considered an acceptable value for a service resource named mts, in the prd namespace, with a service port of 80 and a path value of mts-rs-core.

MTS_APP

Specify which MTS "application" to authenticate against.

Accepted Values

CAT is the only acceptable value.

MTS_USERNAME

Define RCKMS CAT user username to authenticate against MTS with.

Accepted Values

Any RCKMS CAT username value, but typically set to admin.

MTS_PASSWORD Secret

Define RCKMS CAT user password to authenticate against MTS with.

Accepted Values

The password for the user specified in MTS_USERNAME.

Logging Level Configuration

LOGGING_LEVEL Optional

This container is configured with , which gives engineers and operators more granular control over logging output in Node applications.

Accepted Values

debug Verbose logging. Useful for triaging.
info default Standard logging output.
warn Outputs log events classified as warnings or higher.
error Outputs log events classified as errors or higher.
fatal Only fatal, typically uncaught exceptions will be logged.
silent Disables all logging output.
trace Extremely verbose logging.

Sentry Configuration

SENTRY_DSN Optional

Enables Sentry error reporting and application performance monitoring.

If no value is provided, disables Sentry functionality.

Accepted Values

default
A valid Sentry DSN URL

SENTRY_ENVIRONMENT Optional

Additional metadata to enrich errors and metrics captured by Sentry.

Accepted Values

Any string value, preferably the name of the environment this workload is operating.

SENTRY_RELEASE Optional

Additional metadata to enrich errors and metrics captured by Sentry.

Accepted Values

Any string value, preferably the commit short SHA1 or container tag/version.

Probes

Liveness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /__/probes/liveness
Port: 8080 (must match container port)

Timings

Initial Delay of 15s
Period of 60s
Timeout of 5s

Thresholds

1 Successes
3 Failures

Readiness

Parameter

Value

Mode

HTTP (GET)

Arguments

Path: /__/probes/readiness
Port: 8080 (must match container port)

Timings

Initial Delay of 15s
Period of 15s
Timeout of 5s

Thresholds

1 Successes
3 Failures

Startup

This container does not utilize startup probes.

Resources

CPU (in millicores)

RAM (in MiB)

Storage (in GiB)

500

768

N/A

Technology Stack

Container uses Alpine Linux base image from the official Node repository, targeting the Node 14 LTS variant. Deploys an ExpressJS web server for routing requests.

Volume Mounts

This container does not mount any volumes.

Workload Identity

This container requires a Pod Service Account with the following role(s):

Cloud SQL Client / AWS RDS Client User
Google Cloud Storage / AWS S3 Bucket Maintainer
Google Cloud Storage / AWS S3 Bucket Object Creator
Google Cloud Storage / AWS S3 Bucket Object Editor

Code Owners

Name

Organization

HLN Consulting, LLC

charlie@hln.com

PreviousRRS NextSS

Last updated 2 years ago