LogoLogo
API Documentation
Version 1.19.5 and Older
Version 1.19.5 and Older
  • DecisionRules Documentation
  • API
    • API Introduction
    • API Keys
      • Solver API Keys
      • Management API keys
      • BI API keys
    • Rule Solver API
    • Management API
      • Deprecated Endpoints
    • Console Logs API
    • Business Intelligence API
      • Deprecated Endpoints
    • Datacenters & Locations
      • Global Cloud
      • Regional Cloud
    • Apache Kafka Solver API
    • Endpoint Settings
    • Archive
      • Rule Flow Solver API (DEPRECATED)
  • Decision tables
    • Decision Tables Introduction
    • Table Designer
    • Input & Output JSON Model
      • Simple Editor
      • JSON Editor
      • Binding to Model
    • Supported Data Types
    • Operators and Functions
      • Basic operators
      • Date operators
      • Functions
        • Logical Functions
        • Math Functions
        • Date and Time Functions
        • Text Functions
        • Data Functions
        • Array Functions
        • Integration functions
        • Functions and JSON
    • Export & Import of Decision Tables
      • Export Decision Table
      • Import Decision Table
      • File Structure of JSON Format
      • Managing Decision Table in Excel/Google Sheets
      • Deprecated Formats: XLSX v.1 and CSV
    • Table Operations
      • Filter Values
      • Valid Values
      • Sorting
  • Decision Trees
    • Decision Trees Introduction
    • Decision Tree Designer
    • Export & Import Decision Trees
      • Export Decision Tree
      • Import Decision Tree
  • Scripting Rules
    • Scripting Rule Introduction
    • Custom functions in Scripting Rules
    • Calling external API within ScriptingRules
    • Use Rule Variables in Scripting Rules
    • Call Embedded Rules in Scripting Rules
    • Export & Import Scripting Rules
      • Export Scripting Rule
      • Import Scripting Rule
    • Tips
  • Rule Flow
    • Rule Flow Designer
    • Rule Flow Mapping
    • Rule States in Rule Flow
    • Warnings & Errors
    • Rule Flow Limits
    • Export & Import Rule Flows
      • Export Rule Flow
      • Import Rule Flow
  • Workflow
    • Workflow Introduction
    • Workflow Designer
    • Workflow Nodes Overview
    • Workflow Limits
  • Other
    • Rule Alias
    • Execution Strategy
    • Rule State
    • Rule Versioning
    • Favorite Rules
    • Rule Variables
    • Rule Comparison
      • Decision Table Comparison
      • Decision Tree Comparison
      • Scripting Rule Comparison
    • Rule Tags
    • Rule Dependencies
    • Test Bench
    • Single Sign-On (SSO)
    • Event timeline
    • Rule Lock
    • Rule Migration Strategies
    • Changes in Version 1.19.0 (10/2024)
  • Organizations
    • Introduction
      • Access to Organization
    • Structure
      • Organization Roles
      • Members
      • Teams
      • Spaces
      • Space Roles
      • Policies
      • Settings
  • Teamwork
    • Dashboard
    • Folders
    • Spaces
    • Manage Spaces
    • Share Rules Between Spaces
    • Users & Roles
    • Teamwork Indicator
  • SDK and Integrations
    • Languages / Frameworks
      • SQL Server
      • Oracle PL/SQL
      • PostgreSQL
      • JavaScript
      • Java Spring Example
      • PHP Library
      • Python Library
      • .NET Library
      • Google Tag Manager
    • Excel Add-in
  • Business Intelligence
    • Audit Logs
    • Create a Power BI Report
    • Connect Power BI to Business Intelligence API
    • Connecting from Power BI (deprecated)
    • Connect DecisionRules to Power BI Using Our Custom Connector
  • Billing
    • Invoices & Billing
    • Change Product Plan
    • Billing Information
    • Plan Limits Explained
  • Regional Cloud
    • Regional Cloud
    • Region Specific API URLs
  • On-Premise / Docker
    • Environment Variables
    • Redis Connection Modes
    • Setup Single Sign-On (SSO)
      • Set up Microsoft Entra ID SSO
      • Set up Google SSO
    • DecisionRules Application
      • Minimal Requirements
      • DecisionRules Server
      • DecisionRules Client
      • DecisionRules Business Intelligence
      • Networking Between Docker Containers
    • Docker Showcase App
      • Showcase
      • Showcase + Business Intelligence
    • AWS Setup
      • AWS ECS/Fargate
      • Cache - Amazon ElastiCache
    • Microsoft Azure Setup
      • Database - Azure CosmosDB
      • Cache - Azure Cache for Redis
      • Azure Container Apps
    • Azure Red Hat OpenShift
    • Google Kubernetes Engine (GKE)
    • Kubernetes Setup
      • Kubernetes Setup with Business Intelligence
    • Logging options
    • CD/CI Pipelines
      • Azure DevOps CICD Pipelines
      • Using Migration script (old way)
    • Offline License
  • Terms & Conditions
    • Terms and Conditions
    • Privacy Policy
    • Service Level Agreement
      • Community Support
      • Standard Cloud (SaaS)
      • Silver SLA
      • Gold SLA
      • Custom SLA
    • Sub-Processor List
  • Roadmap 🚲 🗺️
  • Release Notes
    • Public Cloud
    • On-Premise / Private Cloud
Powered by GitBook
On this page
  • Prerequisites:
  • Mandatory GCP APIs and services:
  • Creating Memorystore Redis instance
  • Creating GKE cluster
  • Setting up GKE cluster
  • Creating DecisionRules namespace:
  • Install cert-manager
  • Install Ingress:
  • Deploying Ingress:
  • Deploy app

Was this helpful?

  1. On-Premise / Docker

Google Kubernetes Engine (GKE)

This document describes end-to-end deployment process of DecisionRules app for Google Kubernetes Engine.

Prerequisites:

  1. DecisionRules docker images for both client and server.

  2. MongoDB database with administrator access.

  3. GCP account with activated billing account.

If it is first time you work with GCP some services and APIs may be disabled by default, you have to activate them in order to continue.

Mandatory GCP APIs and services:

  1. Kubernetes Engine API

  2. Memorystore

  3. Certificate Manager

Creating Memorystore Redis instance

  1. Click on “Create Instance” on Memorystore page

  2. Set desired configuration of Redis

  3. Click “Create”

Price of Redis instance depends on configuration settings, please think this through before create too powerful and too expensive instances that are not really needed. Cost estimation is on the left side of form.

After creating Redis instance copy primary endpoint IPv4 address. This address will be used for decisionrules/server later.

Creating GKE cluster

Use a Standard cluster, because the Autopilot feature is broken and doesn’t work properly. This is very important and you won't be able to proceed with Autopilot.

  1. Set the name of the cluster

  2. Choose desired Location type

    1. Zonal picks one zone in region

    2. Regional picks one region with all zones included

  3. Choose control plane version

    1. Depends on if you want static GKE version or not.

  4. Configure nodepools

    1. On the Nodes page you can configure which VMs will be deployed in Kubernetes node(s). This depends on the requirements of the system.

    2. Leave disk as is if there are no requirements for specific settings.

  5. Configure Node-pool

    1. Here we choose the number of nodes we want to spin up in our Kubernetes cluster

    2. We can also enable autoscaler and node locations

  6. Click “Create”

Setting up GKE cluster

Connect to the cluster with google cloud shell (recommended) or setup your own SSH connection with your favorite terminal.

Connect to the cluster with this command:

gcloud container clusters get-credentials <CLUSTER_NAME> --zone=<CLUSTER_ZONE> --project=<PROJECT_WITH_CLUSTER>

--zone parameter also accepts regions

Check that you are connected to the right cluster by verifying cluster node that you specified earlier by command:

kubectl get nodes

You should see something like this:

NAME                                        STATUS ROLES AGE VERSION 
gke-dr-cluster-1-default-pool-ed5a4901-fkkp Ready <none> 24h v1.25.8-gke.1000 gke-dr-cluster-1-default-pool-ed5a4901-qns3 Ready <none> 24h v1.25.8-gke.1000

Creating DecisionRules namespace:

Create a yaml file with the following contents:

apiVersion: v1
kind: Namespace
metadata:
  name: decisionrules
  labels:
    name: decisionrules

You can just redirect the standard output of the echo command to a yaml file in bash or open any editor that your terminal offers (GCP - Active Cloud Shell offers nano afaik).

Then apply these settings:

kubectl apply -f namespace.yaml

kubectl apply -f <file_path> command will be used many times from now and its syntax is always the same.

So every time you read that you should apply something use this command + file creation/editing.

You can verify that your namespace is created by running:

kubectl get namespaces | grep decisionrules

Install cert-manager

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml

Check that cert-manager is installed properly with kubectl get all -n cert-manager

You should see something like this:

NAME                                           READY   STATUS    RESTARTS      AGE
pod/cert-manager-655bf9748f-c9wdj              1/1     Running   1 (24h ago)   25h
pod/cert-manager-cainjector-7985fb445b-l5dgn   1/1     Running   3 (24h ago)   25h
pod/cert-manager-webhook-6dc9656f89-89dk8      1/1     Running   0             25h

NAME                           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
service/cert-manager           ClusterIP   XX.XX.X.XXX   <none>        9402/TCP   25h
service/cert-manager-webhook   ClusterIP   XX.XX.X.XX    <none>        443/TCP    25h

NAME                                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/cert-manager              1/1     1            1           25h
deployment.apps/cert-manager-cainjector   1/1     1            1           25h
deployment.apps/cert-manager-webhook      1/1     1            1           25h

NAME                                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/cert-manager-655bf9748f              1         1         1       25h
replicaset.apps/cert-manager-cainjector-7985fb445b   1         1         1       25h
replicaset.apps/cert-manager-webhook-6dc9656f89      1         1         1       25h

Now apply the ClusterIssuer class

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
 name: letsencrypt-test-dr
 namespace: decisionrules
spec:
 acme:
   server: your_cert_server
   email: your_email
   privateKeySecretRef:
     name: letsencrypt-test-dr
   solvers:
   - http01:
       ingress:
         class: nginx

name is important, because you need that for further settings, remember that.

Now apply Issuer class

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: ca-issuer
  namespace: decisionrules
spec:
  ca:
    secretName: ca-key-pair

Now we can apply cert as is described here:

Install Ingress:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/cloud/deploy.yaml

Deploying Ingress:

apply file below

apiVersion: v1
kind: Service
metadata:
  name: decisionrules-client-service
  namespace: decisionrules
spec:
  selector:
    app: decisionrules-client
  ports:
    - port: 80
---
apiVersion: v1
kind: Service
metadata:
  name: decisionrules-server-service
  namespace: decisionrules
spec:
  selector:
    app: decisionrules-server
  ports:
    - port: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: decisionrules-ingress
  namespace: decisionrules
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: "/"
    cert-manager.io/cluster-issuer: <name_clusterissuer_class>
    kubernetes.io/ingress.class: "nginx"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - yourdomain.local
    - api.yourdomain.local
    secretName: echo-tls
  rules:
  - host: yourdomain.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: decisionrules-client-service
            port:
              number: 80
  - host: api.yourdomain.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: decisionrules-server-service
            port:
              number: 8080

We can check that ingress is up and running by running commad: kubectl get all -n ingress-nginx

You should see something like this:

NAME                                            READY   STATUS      RESTARTS   AGE
pod/ingress-nginx-admission-create-mlvkt        0/1     Completed   0          26h
pod/ingress-nginx-admission-patch-v9b7l         0/1     Completed   0          26h
pod/ingress-nginx-controller-6bc476f787-2xr8g   1/1     Running     0          26h

NAME                                         TYPE           CLUSTER-IP     EXTERNAL-IP      PORT(S)                      AGE
service/ingress-nginx-controller             LoadBalancer   XX.XX.XX.XX   XX.XXX.XXX.XXX   80:31163/TCP,443:31959/TCP   26h
service/ingress-nginx-controller-admission   ClusterIP      XX.XX.X.XXX    <none>           443/TCP                      26h

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           26h

NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-6bc476f787   1         1         1       26h

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/ingress-nginx-admission-create   1/1           6s         26h
job.batch/ingress-nginx-admission-patch    1/1           6s         26h

Obtain IPv4 address of Ingress for DNS A record:

Run command: kubectl get ingress --namespace=decisionrules

You should see something like this:

NAME                    CLASS   HOSTS                                           ADDRESS          PORTS     AGE
decisionrules-ingress   nginx   yourdomain_api.com,yourdomain_app.com           XXX.XXX.XXX.XXX   80, 443   26h

Deploy app

Please, be aware of container resource consuptions, because if you exceed your MVs HW limits you wont be able to deploy pods.

For DB security you can add PODs IPs to the network access rules. You can obtain these addresses with command below:

kubectl get pod -o wide

apiVersion: apps/v1
kind: Deployment
metadata:
  name: decisionrules-client
  namespace: decisionrules
spec:
  replicas: 2
  selector:
    matchLabels:
      app: decisionrules-client
  strategy: 
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 2
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: decisionrules-client
    spec:
      containers:
      - name: decisionrules-client
        image: decisionrules/client
        resources:
          requests:
            cpu: 250m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 256Mi
        ports:
        - containerPort: 80
        env:
        - name: API_URL
          value: "https://api.yourdomain.local" #must be changed
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: decisionrules-server
  namespace: decisionrules
spec:
  replicas: 2
  selector:
    matchLabels:
      app: decisionrules-server
  strategy: 
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 2
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: decisionrules-server
    spec:
      containers:
      - name: decisionrules-server
        image: decisionrules/server
        resources:
          requests:
            cpu: 1000m
            memory: 300Mi
          limits:
            cpu: 2000m
            memory: 600Mi
        ports:
        - containerPort: 8080
        env:
        - name: REDIS_URL
          value: "" # must be filled
        - name: MONGO_DB_URI
          value: "" # must be filled
        - name: CLIENT_URL
          value: "https://yourdomain.local/#" # must be changed and end with "/#"
        - name: API_URL
          value: "https://api.yourdomain.local" # this is only necessary with certain deployment models
        - name: LICENSE_KEY
          value: "" # must be filled.yaml
        livenessProbe:
          httpGet:
            path: /health-check
            port: 8080
          initialDelaySeconds: 30
          periodSeconds: 30
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: decisionrules-server-autoscaling
  namespace: decisionrules
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: decisionrules-server
  minReplicas: 1
  maxReplicas: 10
  targetCPUUtilizationPercentage: 60

Apply changed configuration above.

Then, you can verify that everything is running by running command: kubectl get all -n decisionrules

You should see something like this:

NAME                                        READY   STATUS    RESTARTS   AGE
pod/decisionrules-client-5b6bd4494-2gm6m    1/1     Running   0          144m
pod/decisionrules-server-7bc5d6888b-lt92s   1/1     Running   0          144m

NAME                                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
service/decisionrules-client-service   ClusterIP   XX.XX.XX.XXX   <none>        80/TCP     23h
service/decisionrules-server-service   ClusterIP   XX.XX.X.XXX    <none>        8080/TCP   23h

NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/decisionrules-client   1/1     1            1           144m
deployment.apps/decisionrules-server   1/1     1            1           144m

NAME                                              DESIRED   CURRENT   READY   AGE
replicaset.apps/decisionrules-client-5b6bd4494    1         1         1       144m
replicaset.apps/decisionrules-server-7bc5d6888b   1         1         1       144m

NAME                                                                   REFERENCE                         TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
horizontalpodautoscaler.autoscaling/decisionrules-server-autoscaling   Deployment/decisionrules-server   0%/60%    1         10        1          144m

Now just add Ingress IPv4 address to your DNS and its done. App is available on hostname you specified earlier with TLS working.

Was this helpful?

Using Google-managed SSL certificates  |  Google Kubernetes Engine (GKE)  |  Google CloudGoogle Cloud
Using google-managed SSL certificates
Logo