From 893f37f38222511df2f853d8190df51b43338f21 Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Sun, 29 Sep 2024 12:51:22 +0200 Subject: [PATCH 1/6] Added configuration to change the name of the hazelcast deployment --- charts/pega/charts/hazelcast/templates/_helpers.tpl | 9 +++++---- .../templates/clustering-service-deployment.yaml | 2 +- .../templates/clustering-service-environment-config.yaml | 2 +- charts/pega/charts/hazelcast/values.yaml | 3 +++ charts/pega/templates/_helpers.tpl | 5 +++-- 5 files changed, 13 insertions(+), 8 deletions(-) diff --git a/charts/pega/charts/hazelcast/templates/_helpers.tpl b/charts/pega/charts/hazelcast/templates/_helpers.tpl index bdc727080..d70f9c2ce 100644 --- a/charts/pega/charts/hazelcast/templates/_helpers.tpl +++ b/charts/pega/charts/hazelcast/templates/_helpers.tpl @@ -1,9 +1,10 @@ -{{- define "hazelcastName" -}} pega-hazelcast {{- end -}} -{{- define "hazelcastEnvironmentConfig" -}} pega-hz-env-config {{- end -}} +{{- define "hazelcastDeploymentName" }}{{ $hazelcastDeploymentName := .defaultname }}{{ if (.root.deployment) }}{{ if (.root.deployment.name) }}{{ $hazelcastDeploymentName = .root.deployment.name }}{{ end }}{{ end }}{{ $hazelcastDeploymentName }}{{- end -}} -{{- define "clusteringServiceName" -}} clusteringservice {{- end -}} -{{- define "clusteringServiceEnvironmentConfig" -}} clusteringservice-env-config {{- end -}} +{{- define "hazelcastName" -}}{{ include "hazelcastDeploymentName" (dict "root" .Values "defaultname" "pega-hazelcast" )}}{{- end -}} +{{- define "hazelcastEnvironmentConfig" -}}{{include "hazelcastName" .}}-env-config {{- end -}} +{{- define "clusteringServiceName" -}}{{ include "hazelcastDeploymentName" (dict "root" .Values "defaultname" "clusteringservice" )}}{{- end -}} +{{- define "clusteringServiceEnvironmentConfig" -}}{{include "clusteringServiceName" .}}-env-config {{- end -}} {{- define "isHazelcastEnabled" }} {{- if .Values.enabled -}} diff --git a/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml b/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml index 5a593bdfc..b9a661c77 100644 --- a/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml +++ b/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml @@ -39,7 +39,7 @@ spec: mountPath: "/opt/hazelcast/secrets" envFrom: - configMapRef: - name: {{ template "clusteringServiceEnvironmentConfig" }} + name: {{ template "clusteringServiceEnvironmentConfig" .}} resources: requests: cpu: "{{ .Values.resources.requests.cpu }}" diff --git a/charts/pega/charts/hazelcast/templates/clustering-service-environment-config.yaml b/charts/pega/charts/hazelcast/templates/clustering-service-environment-config.yaml index 6c2833cb8..9ebb1da73 100644 --- a/charts/pega/charts/hazelcast/templates/clustering-service-environment-config.yaml +++ b/charts/pega/charts/hazelcast/templates/clustering-service-environment-config.yaml @@ -2,7 +2,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: {{ template "clusteringServiceEnvironmentConfig" }} + name: {{ template "clusteringServiceEnvironmentConfig" . }} namespace: {{ .Release.Namespace }} data: # Key Value pairs diff --git a/charts/pega/charts/hazelcast/values.yaml b/charts/pega/charts/hazelcast/values.yaml index a130095cb..f3c5865c3 100644 --- a/charts/pega/charts/hazelcast/values.yaml +++ b/charts/pega/charts/hazelcast/values.yaml @@ -1,5 +1,8 @@ --- image: "YOUR_HAZELCAST_IMAGE:TAG" +# Change the name of the hazelcast deployment +# deployment: +# name: "pega-hazelcast" clusteringServiceImage: "YOUR_CLUSTERING_SERVICE_IMAGE:TAG" imagePullPolicy: "Always" # Enter the number of initial members in Hazelcast cluster. diff --git a/charts/pega/templates/_helpers.tpl b/charts/pega/templates/_helpers.tpl index 74377ad14..11c411082 100644 --- a/charts/pega/templates/_helpers.tpl +++ b/charts/pega/templates/_helpers.tpl @@ -476,10 +476,11 @@ servicePort: use-annotation {{- end -}} {{- define "hzServiceName" -}} +{{- $hzDict := dict "Values" .Values.hazelcast -}} {{- if and (not .Values.hazelcast.enabled) .Values.hazelcast.clusteringServiceEnabled -}} - {{ template "clusteringServiceName" }} + {{ template "clusteringServiceName" $hzDict }} {{- else -}} - {{ template "hazelcastName" }} + {{ template "hazelcastName" $hzDict }} {{- end -}} {{- end -}} From 49eb1c83cb4dca4d0a68787a767615488aa6b507 Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Mon, 30 Sep 2024 00:43:16 +0200 Subject: [PATCH 2/6] Fixed templating for hazelcast deployment of version previous to Pega 8.7 --- .../pega/charts/hazelcast/templates/pega-hz-deployment.yaml | 2 +- .../hazelcast/templates/pega-hz-environment-config.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/pega/charts/hazelcast/templates/pega-hz-deployment.yaml b/charts/pega/charts/hazelcast/templates/pega-hz-deployment.yaml index 494c116ca..4683aa41d 100644 --- a/charts/pega/charts/hazelcast/templates/pega-hz-deployment.yaml +++ b/charts/pega/charts/hazelcast/templates/pega-hz-deployment.yaml @@ -35,7 +35,7 @@ spec: mountPath: "/opt/hazelcast/secrets" envFrom: - configMapRef: - name: {{ template "hazelcastEnvironmentConfig" }} + name: {{ template "hazelcastEnvironmentConfig" . }} resources: requests: cpu: "{{ .Values.resources.requests.cpu }}" diff --git a/charts/pega/charts/hazelcast/templates/pega-hz-environment-config.yaml b/charts/pega/charts/hazelcast/templates/pega-hz-environment-config.yaml index 53237e968..791da2632 100644 --- a/charts/pega/charts/hazelcast/templates/pega-hz-environment-config.yaml +++ b/charts/pega/charts/hazelcast/templates/pega-hz-environment-config.yaml @@ -2,13 +2,13 @@ kind: ConfigMap apiVersion: v1 metadata: - name: {{ template "hazelcastEnvironmentConfig" }} + name: {{ template "hazelcastEnvironmentConfig" .}} namespace: {{ .Release.Namespace }} data: # Key Value pairs NAMESPACE: {{ .Release.Namespace }} JAVA_OPTS: {{ .Values.server.java_opts | quote }} - SERVICE_NAME: {{ template "hazelcastName" }}-service + SERVICE_NAME: {{ template "hazelcastName" .}}-service MIN_CLUSTER_SIZE: {{ .Values.replicas | quote }} {{- if .Values.server.jmx_enabled }} JMX_ENABLED: {{ .Values.server.jmx_enabled | quote }} From cc68b38b87651b36631aaa8b5d30164f459d4bc8 Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Mon, 30 Sep 2024 01:09:52 +0200 Subject: [PATCH 3/6] Created Unit Test for new functionality --- .../clustering-service-deployment_test.go | 41 +++++++++++ .../pega/clustering-service-service_test.go | 73 ++++++++++++++----- .../src/test/pega/pega-hz-deployment_test.go | 41 +++++++++++ .../src/test/pega/pega-hz-service_test.go | 69 ++++++++++++++---- 4 files changed, 192 insertions(+), 32 deletions(-) diff --git a/terratest/src/test/pega/clustering-service-deployment_test.go b/terratest/src/test/pega/clustering-service-deployment_test.go index 271f92ecd..bf59a5d58 100644 --- a/terratest/src/test/pega/clustering-service-deployment_test.go +++ b/terratest/src/test/pega/clustering-service-deployment_test.go @@ -68,6 +68,47 @@ func VerifyClusteringServiceDeployment(t *testing.T, yamlContent string) { } } +func TestClusteringServiceDeploymentName(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} + + helmChartPath, err := filepath.Abs(PegaHelmChartPath) + require.NoError(t, err) + + for _, vendor := range supportedVendors { + + for _, operation := range supportedOperations { + + fmt.Println(vendor + "-" + operation) + + var options = &helm.Options{ + SetValues: map[string]string{ + "global.provider": vendor, + "global.actions.execute": operation, + "hazelcast.clusteringServiceEnabled": "true", + "hazelcast.deployment.name": "clusteringservice-test", + }, + } + + yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/clustering-service-deployment.yaml"}) + VerifyClusteringServiceDeploymentName(t, yamlContent) + + } + } +} + +func VerifyClusteringServiceDeploymentName(t *testing.T, yamlContent string) { + var statefulsetObj appsv1beta2.StatefulSet + statefulSlice := strings.Split(yamlContent, "---") + for index, statefulInfo := range statefulSlice { + if index >= 1 { + UnmarshalK8SYaml(t, statefulInfo, &statefulsetObj) + require.Equal(t, statefulsetObj.Name, "clusteringservice-test") + require.Equal(t, statefulsetObj.Spec.ServiceName, "clusteringservice-test-service") + } + } +} + func TestClusteringServiceDeploymentSecurityContext(t *testing.T) { var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} var supportedOperations = []string{"deploy", "install-deploy"} diff --git a/terratest/src/test/pega/clustering-service-service_test.go b/terratest/src/test/pega/clustering-service-service_test.go index 29d810ca0..0fbd88b30 100644 --- a/terratest/src/test/pega/clustering-service-service_test.go +++ b/terratest/src/test/pega/clustering-service-service_test.go @@ -1,42 +1,40 @@ package pega import ( + "fmt" + "path/filepath" + "strings" + "testing" + "github.com/gruntwork-io/terratest/modules/helm" "github.com/stretchr/testify/require" k8score "k8s.io/api/core/v1" intstr "k8s.io/apimachinery/pkg/util/intstr" - "path/filepath" - "strings" - "testing" - "fmt" ) - - -func TestClusteringService(t *testing.T){ - var supportedVendors = []string{"k8s","openshift","eks","gke","aks","pks"} - var supportedOperations = []string{"deploy","install-deploy"} +func TestClusteringService(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} helmChartPath, err := filepath.Abs(PegaHelmChartPath) require.NoError(t, err) + for _, vendor := range supportedVendors { - for _,vendor := range supportedVendors{ - - for _,operation := range supportedOperations{ + for _, operation := range supportedOperations { fmt.Println(vendor + "-" + operation) var options = &helm.Options{ SetValues: map[string]string{ - "global.provider": vendor, - "global.actions.execute": operation, - "hazelcast.clusteringServiceEnabled": "true", + "global.provider": vendor, + "global.actions.execute": operation, + "hazelcast.clusteringServiceEnabled": "true", }, } yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/clustering-service-service.yaml"}) - VerifyClusteringService(t,yamlContent,options) + VerifyClusteringService(t, yamlContent, options) } } } @@ -55,4 +53,45 @@ func VerifyClusteringService(t *testing.T, yamlContent string, options *helm.Opt require.Equal(t, intstr.FromInt(5701), clusteringServiceObj.Spec.Ports[0].TargetPort) } } -} \ No newline at end of file +} + +func TestClusteringServiceName(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} + + helmChartPath, err := filepath.Abs(PegaHelmChartPath) + require.NoError(t, err) + + for _, vendor := range supportedVendors { + + for _, operation := range supportedOperations { + + fmt.Println(vendor + "-" + operation) + + var options = &helm.Options{ + SetValues: map[string]string{ + "global.provider": vendor, + "global.actions.execute": operation, + "hazelcast.clusteringServiceEnabled": "true", + "hazelcast.deployment.name": "clustering-test", + }, + } + + yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/clustering-service-service.yaml"}) + VerifyClusteringServiceName(t, yamlContent, options) + } + } +} + +func VerifyClusteringServiceName(t *testing.T, yamlContent string, options *helm.Options) { + var clusteringServiceObj k8score.Service + serviceSlice := strings.Split(yamlContent, "---") + for index, serviceInfo := range serviceSlice { + if index >= 1 { + UnmarshalK8SYaml(t, serviceInfo, &clusteringServiceObj) + require.Equal(t, "clustering-test-service", clusteringServiceObj.Name) + require.Equal(t, "Hazelcast", clusteringServiceObj.Spec.Selector["component"]) + require.Equal(t, "clustering-test", clusteringServiceObj.Spec.Selector["app"]) + } + } +} diff --git a/terratest/src/test/pega/pega-hz-deployment_test.go b/terratest/src/test/pega/pega-hz-deployment_test.go index 172b5dd4a..22c0c4ddf 100644 --- a/terratest/src/test/pega/pega-hz-deployment_test.go +++ b/terratest/src/test/pega/pega-hz-deployment_test.go @@ -65,6 +65,47 @@ func VerifyHazelcastDeployment(t *testing.T, yamlContent string) { } } +func TestHazelcastDeploymentName(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} + + helmChartPath, err := filepath.Abs(PegaHelmChartPath) + require.NoError(t, err) + + for _, vendor := range supportedVendors { + + for _, operation := range supportedOperations { + + var options = &helm.Options{ + SetValues: map[string]string{ + "global.provider": vendor, + "global.actions.execute": operation, + "hazelcast.enabled": "true", + "hazelcast.deployment.name": "hz-test", + }, + } + + yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/pega-hz-deployment.yaml"}) + VerifyHazelcastDeploymentName(t, yamlContent) + + } + } +} + +func VerifyHazelcastDeploymentName(t *testing.T, yamlContent string) { + var statefulsetObj appsv1beta2.StatefulSet + statefulSlice := strings.Split(yamlContent, "---") + for index, statefulInfo := range statefulSlice { + if index >= 1 { + UnmarshalK8SYaml(t, statefulInfo, &statefulsetObj) + require.Equal(t, statefulsetObj.Name, "hz-test") + require.Equal(t, statefulsetObj.Spec.ServiceName, "hz-test-service") + statefulsetSpec := statefulsetObj.Spec.Template.Spec + require.Equal(t, statefulsetSpec.Volumes[1].Projected.Sources[0].Secret.Name, "pega-hz-secret") + } + } +} + func TestHazelcastDeploymentWithPodAffinity(t *testing.T) { var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} var supportedOperations = []string{"deploy", "install-deploy"} diff --git a/terratest/src/test/pega/pega-hz-service_test.go b/terratest/src/test/pega/pega-hz-service_test.go index b918a85c2..b15b8a163 100644 --- a/terratest/src/test/pega/pega-hz-service_test.go +++ b/terratest/src/test/pega/pega-hz-service_test.go @@ -1,29 +1,27 @@ package pega import ( + "fmt" + "path/filepath" + "strings" + "testing" + "github.com/gruntwork-io/terratest/modules/helm" "github.com/stretchr/testify/require" k8score "k8s.io/api/core/v1" intstr "k8s.io/apimachinery/pkg/util/intstr" - "path/filepath" - "strings" - "testing" - "fmt" ) - - -func TestHazelcastService(t *testing.T){ - var supportedVendors = []string{"k8s","openshift","eks","gke","aks","pks"} - var supportedOperations = []string{"deploy","install-deploy"} +func TestHazelcastService(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} helmChartPath, err := filepath.Abs(PegaHelmChartPath) require.NoError(t, err) + for _, vendor := range supportedVendors { - for _,vendor := range supportedVendors{ - - for _,operation := range supportedOperations{ + for _, operation := range supportedOperations { fmt.Println(vendor + "-" + operation) @@ -31,12 +29,12 @@ func TestHazelcastService(t *testing.T){ SetValues: map[string]string{ "global.provider": vendor, "global.actions.execute": operation, - "hazelcast.enabled": "true", + "hazelcast.enabled": "true", }, } yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/pega-hz-service.yaml"}) - VerifyHazelcastService(t,yamlContent,options) + VerifyHazelcastService(t, yamlContent, options) } } } @@ -55,4 +53,45 @@ func VerifyHazelcastService(t *testing.T, yamlContent string, options *helm.Opti require.Equal(t, intstr.FromInt(5701), hazelcastServiceObj.Spec.Ports[0].TargetPort) } } -} \ No newline at end of file +} + +func TestHazelcastServiceName(t *testing.T) { + var supportedVendors = []string{"k8s", "openshift", "eks", "gke", "aks", "pks"} + var supportedOperations = []string{"deploy", "install-deploy"} + + helmChartPath, err := filepath.Abs(PegaHelmChartPath) + require.NoError(t, err) + + for _, vendor := range supportedVendors { + + for _, operation := range supportedOperations { + + fmt.Println(vendor + "-" + operation) + + var options = &helm.Options{ + SetValues: map[string]string{ + "global.provider": vendor, + "global.actions.execute": operation, + "hazelcast.enabled": "true", + "hazelcast.deployment.name": "hz-test", + }, + } + + yamlContent := RenderTemplate(t, options, helmChartPath, []string{"charts/hazelcast/templates/pega-hz-service.yaml"}) + VerifyHazelcastServiceName(t, yamlContent, options) + } + } +} + +func VerifyHazelcastServiceName(t *testing.T, yamlContent string, options *helm.Options) { + var hazelcastServiceObj k8score.Service + serviceSlice := strings.Split(yamlContent, "---") + for index, serviceInfo := range serviceSlice { + if index >= 1 { + UnmarshalK8SYaml(t, serviceInfo, &hazelcastServiceObj) + require.Equal(t, "hz-test-service", hazelcastServiceObj.Name) + require.Equal(t, "Hazelcast", hazelcastServiceObj.Spec.Selector["component"]) + require.Equal(t, "hz-test", hazelcastServiceObj.Spec.Selector["app"]) + } + } +} From 9aa9ed533e4a42deb43c3bd96020dc75224d420c Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Mon, 30 Sep 2024 01:15:19 +0200 Subject: [PATCH 4/6] Updated documentation --- charts/pega/README.md | 3 +++ charts/pega/charts/hazelcast/README.md | 2 ++ 2 files changed, 5 insertions(+) diff --git a/charts/pega/README.md b/charts/pega/README.md index 4dc6b5b42..92b46eaf4 100644 --- a/charts/pega/README.md +++ b/charts/pega/README.md @@ -1235,6 +1235,7 @@ here: [Additional Parameters](charts/hazelcast/README.md) Parameter | Description | Default value --- | --- | --- +`hazelcast.deployment.name` | Name used for the hazelcast deployment. | `pega-hazelcast` `hazelcast.image` | Reference the `platform/clustering-service` Docker image that you downloaded and pushed to your Docker registry that your deployment can access. | `YOUR_HAZELCAST_IMAGE:TAG` `hazelcast.clusteringServiceImage` | Reference the `platform/clustering-service` Docker image that you downloaded and pushed to your Docker registry that your deployment can access. | `YOUR_CLUSTERING_SERVICE_IMAGE:TAG` `hazelcast.enabled` | Set to `true` if client-server deployment of Pega Platform is required; otherwise leave set to `false`. Note: To avoid an installation failure, you must set this value to `false` for Pega platform deployments using versions before 8.6. | `true` @@ -1251,6 +1252,8 @@ Parameter | Description | Default value #### Example ```yaml hazelcast: + deployment: + name: "pega-hazelcast" image: "YOUR_HAZELCAST_IMAGE:TAG" clusteringServiceImage: "YOUR_CLUSTERING_SERVICE_IMAGE:TAG" enabled: true diff --git a/charts/pega/charts/hazelcast/README.md b/charts/pega/charts/hazelcast/README.md index 6e9768011..ac98738af 100644 --- a/charts/pega/charts/hazelcast/README.md +++ b/charts/pega/charts/hazelcast/README.md @@ -53,6 +53,8 @@ Name | Description #### Example ```yaml +deployment: + name: pega-hazelcast image: "YOUR_HAZELCAST_IMAGE:TAG" clusteringServiceImage: "YOUR_CLUSTERING_SERVICE_IMAGE:TAG" imagePullPolicy: "Always" From 3727435ca45d49e03e1b0eede37537705fa1768b Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Fri, 1 Nov 2024 12:27:37 +0100 Subject: [PATCH 5/6] Removed with space --- .../hazelcast/templates/clustering-service-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml b/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml index b86614413..982a42e4f 100644 --- a/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml +++ b/charts/pega/charts/hazelcast/templates/clustering-service-deployment.yaml @@ -39,7 +39,7 @@ spec: mountPath: "/opt/hazelcast/secrets" envFrom: - configMapRef: - name: {{ template "clusteringServiceEnvironmentConfig" . }} + name: {{ template "clusteringServiceEnvironmentConfig" .}} {{- if .Values.containerSecurityContext }} securityContext: {{ toYaml .Values.containerSecurityContext | indent 10 }} From 2b7bfc925a73defb932d7aac1d2db9fc5932755e Mon Sep 17 00:00:00 2001 From: Alessandro Cattapan Date: Sat, 2 Nov 2024 12:06:09 +0100 Subject: [PATCH 6/6] Added . in front of path for values.yaml file in README of addons --- charts/addons/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/addons/README.md b/charts/addons/README.md index 66d733f1c..5a0400879 100644 --- a/charts/addons/README.md +++ b/charts/addons/README.md @@ -98,7 +98,7 @@ When deploying on Azure AKS, you can use an Application Gateway Ingress Controll After you create the deployment ingress controller, in the Addons Helm chart, disable Traefik (set `traefik.enabled` to `false`), enable AGIC (set `ingress-azure.enabled` to `true`) and add the AGIC gateway configuration details from your AKS deployment. -To authenticate with the AGIC in your AKS cluster, generate a kubernetes secret from an Active Directory Service Principal that is based on your AKS subscription ID. You must encode the Service Principal with base64 and add the result to the `armAuth.secretJSON` field. For details, see the comments in the addons [values.yaml](/values.yaml) or the [AKS runbook](../../docs/Deploying-Pega-on-AKS.md). +To authenticate with the AGIC in your AKS cluster, generate a kubernetes secret from an Active Directory Service Principal that is based on your AKS subscription ID. You must encode the Service Principal with base64 and add the result to the `armAuth.secretJSON` field. For details, see the comments in the addons [values.yaml](./values.yaml) or the [AKS runbook](../../docs/Deploying-Pega-on-AKS.md). As an authentication alternative, you can configure an AAD Pod Identity to manage authentication access with the AGIC in your cluster via the Azure Resource Manager. For details, see [Set up AAD Pod Identity](https://docs.microsoft.com/en-us/azure/application-gateway/ingress-controller-install-existing#set-up-aad-pod-identity).