Additional System Requirements for a Distributed BPM System
A distributed TIBCO BPM Enterprise system has additional architectural requirements.
The requirements for a distributed BPM system are shown in the following table.
Requirement | Description |
---|---|
Load Balancer | Manages HTTPS requests from TIBCO BPM Enterprise clients across the nodes hosting BPM pods. |
Note: The load balancer, the database server, the LDAP server, and the SMTP server (if used) must each be available to each pod that is part of the BPM system.
For a high availability configuration, each of them must also be configured to provide high availability and fault tolerance.
Load Balancer
The load balancer must be configured as follows:
- TIBCO BPM Enterprise HTTP port (Default: 8181) used for communication between TIBCO BPM Enterprise and external clients must be configured for load balancing across the relevant pods.
- Sticky connections should be used so that client session context is maintained. (If the server hosting this session dies, the client is logged out and you need to log in again.)
Kubernetes Service
apiVersion: v1 kind: Service metadata: name: bpm-service namespace: ${K8SNAMESPACE} annotations: {} spec: type: NodePort selector: app: bpm tier: backend ports: - protocol: TCP port: 8181 targetPort: 8181
Kubernetes Ingress YAML Configuration
Note: This configuration is applicable for AWS application load balancer.
The following configuration is for illustration purposes only.
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: "bpm-alb-ingress" namespace: ${K8SNAMESPACE} annotations: kubernetes.io/ingress.class: alb alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/certificate-arn: ${CERTIFICATE_ARN} # Sticky session duration is 7 days 604800 seconds alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=604800 alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80,"HTTPS":443}]' alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type":"redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' alb.ingress.kubernetes.io/healthcheck-protocol: HTTP alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/healthcheck-port: traffic-port alb.ingress.kubernetes.io/healthcheck-path:/bpm/adapter/v1/liveness spec: rules: - host: ${DNS_ALIAS_FQ_DOMAIN_NAME} http: paths: - path: /* backend: serviceName: ssl-redirect servicePort: use-annotation - path: /* backend: serviceName: bpm-service servicePort: 8181