Additional System Requirements for a Distributed BPM System

A distributed BPM Enterprise system has additional architectural requirements.

The requirements for a distributed BPM system are shown in the following table.

Requirement Description
Load Balancer Manages HTTPS requests from BPM Enterprise clients across the nodes hosting BPM pods.
Note: The load balancer, database server, LDAP server, and SMTP server (if used) must each be available to each pod that is part of the BPM system.

For a high availability configuration, each of them must also be configured to provide high availability and fault tolerance.

Load Balancer

The load balancer must be configured as follows:

  • The BPM Enterprise HTTP port (default 8181) used for communication between BPM Enterprise and external clients must be configured for load balancing across the relevant pods.
  • Sticky connections should be used so that client session context is maintained. (If the server hosting this session dies the client will be logged out and need to log back in again.)

Kubernetes Service

apiVersion: v1
kind: Service
metadata:
  name: bpm-service
  namespace: ${K8SNAMESPACE}
  annotations: {}
spec:
  type: NodePort
  selector:
    app: bpm
    tier: backend
  ports:
  - protocol: TCP
    port: 8181
    targetPort: 8181

Kubernetes Ingress YAML Configuration

Note: This configuration is applicable for AWS application load balancer. 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
	name: "bpm-alb-ingress"
	namespace: ${K8SNAMESPACE}
	annotations:
		kubernetes.io/ingress.class: alb
		alb.ingress.kubernetes.io/scheme: internet-facing
		alb.ingress.kubernetes.io/certificate-arn: ${CERTIFICATE_ARN}
		# Sticky session duration is 7 days 604800 seconds
		alb.ingress.kubernetes.io/target-group-attributes:
		stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=604800

		alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80,"HTTPS":443}]'
		alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type":"redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443",
		"StatusCode": "HTTP_301"}}'
		alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
		alb.ingress.kubernetes.io/target-type: ip
		alb.ingress.kubernetes.io/healthcheck-port: traffic-port
		alb.ingress.kubernetes.io/healthcheck-path:/bpm/adapter/v1/liveness
spec:
	rules:
	- host: ${DNS_ALIAS_FQ_DOMAIN_NAME}
			http:
					paths:
							- path: /*
									backend:
												serviceName: ssl-redirect
												servicePort: use-annotation
							- path: /*
							backend:
												serviceName: bpm-service
												servicePort: 8181