Configure the Swimlane Platform for an Embedded Cluster Install

when you need to access the spi ui after the initial install you can access it by access port 8800 over https on any node ip (e g https // 8800) all configuration of the swimlane platform installer and swimlane platform must be done through the spi admin console config page editing or manipulating the underlying kubernetes resources is not supported and will not be permanent since they are managed and controlled by the swimlane platform installer to configure the swimlane platform for an embedded cluster install on swimlane settings, you'll begin setting up your configuration for swimlane review and set the following fields as necessary expose the swimlane web service externally? enable this option when using a layer 7 load balancer the swimlane web service will be directly exposed from each node in the cluster on tcp port 4443 enable the ingress controller enable this option when using a layer 4 load balancer or for single node lab/test environments the included ingress controller will be used for routing web requests to swimlane on tcp port 443 swimlane hostname the dns record pointing to the swimlane platform installer and swimlane platform load balancer upload a certificate for swimlane web? enable this option to upload a certificate and key to be used for the included ingress controller if no certificate is uploaded a self signed one will be generated and used the certificate must be ascii encoded x 509 format the private key cannot be password protected upload a certificate for swimlane web backend? enable this option to upload a certificate and key to be used by the backend swimlane web service if no certificate is uploaded a self signed one will be used swimlane web cors headers enable this option to set http cross origin resource sharing headers for swimlane web a list of options relevant to cors headers will appear below and if left blank, they will be set with the default values specified next to each option if this option is disabled, no cors headers will be set for swimlane web swimlane web cors header access control allow origin determine whether to override the value for the http access control allow origin header https //developer mozilla org/en us/docs/web/http/headers/access control allow origin swimlane web cors header access control allow headers determine whether to override the value for the http access control allow headers header https //developer mozilla org/en us/docs/web/http/headers/access control allow headers swimlane web cors header access control allow methods determine whether to override the value for the http access control allow methods header https //developer mozilla org/en us/docs/web/http/headers/access control allow methods swimlane web csp header enable this option to set the http content security policy header for swimlane web a new option will appear below to override the csp header, if left blank it will get set to the default value if this option is disabled, no csp header will be set for swimlane web swimlane web content security policy header determine whether to override the value for the http content security policy header https //developer mozilla org/en us/docs/web/http/headers/content security policy next, set the logging settings asp net hosting environment set this option to development to have stack traces sent to the browser for 500 errors set this option to production to not send them enable swimlane audit logging enable this option to log raw swimlane api requests and responses into swimlane pods swimlane logging level set this option to specify the logging level for swimlane pods determine whether to override the openssl settings for cipherstring and minprotocol for outgoing secure connections that originate from api and tasks pods important since outgoing secure connections include requests to the swimlane api service, there are limitations to what can be set for these values in order to not break your deployment of swimlane minprotocol should not be set to anything higher than tlsv1 2, and cipherstring can be set to the highest security level like high\@seclevel=5 or default\@seclevel=5 next, determine whether to enable the swimlane syslog receiver and the selenium chromedriver next, determine whether you want mongo to be exposed for external access, and whether to upload pip config for api and tasks if you have third party certificates for api and tasks, click upload additional trusted certificates for api and tasks? and then browse for and upload your certificates next, choose whether to enable or disable a pod liveness probe for the api and tasks pods the default liveness probe setting for api pods is disabled and for tasks pods is enabled on initial mongodb settings, enter the appropriate encryption keys and passwords for your swimlane database and mongodb you can skip this step if you are using an external mongodb cluster for more information, see deploy with an external mongodb cluster docid\ aifrfd6ca k0esuklglgo important! do not change the mongodb settings after installation doing so will break your deployment of swimlane here are the acceptable special characters to use in keys and passwords !@#$%^& () =+/\[]| ;<,> ?` next, if you have 3 or more nodes in your cluster, click ha environment and set the number of pods for each type important! the number of mongodb replicas must be at least 3 and an odd number once you have multiple mongodb replicas, you cannot go down to one if you have an ha cluster, confirm the recommended default settings for web/api/tasks/reports antiaffinity (soft) and mongodb pod antiaffinity (hard) then, click save config important! the mongodb pod antiaffinity settings should not be changed after installation doing so could break your deployment of swimlane when you save the configuration, preflight checks for your installation begin once the preflight checks process, the swimlane installer admin console opens once the status of your application says ready you have a successful installation of swimlane