Deploying the GDPR Application

GDPR is a component that makes your system and modules compliant with the General Data Protection Regulation (GDPR).

High-Level Architecture

GDPR is a microservice with its own release cycle. It is not included in the CloudBlue Commerce distribution package by default and must be installed to the platform as an APS application.

The GDPR microservice consists of these three components:

  • GDPR UI (or Frontend) hosted on the management node.
  • GDPR Backend hosted in a separate container on the service node with installed Kubernetes.
  • GDPR Database hosted on the OSS PostgreSQL server instance. It is a dedicated DB on the same server with another user and without access to the OSS-related tables. The application uses this database to keep the IDs of all removed entities. You need to create the database before deploying the GDPR application.

 

Installation Prerequisites

Before importing the GDPR package, ensure that:

Firewall Requirements

The following ports must be open on the CloudBlue Commerce management node and the micro-services node.

From To Protocol Port Purpose
CloudBlue Commerce Management Node

Micro-services node

TCP 8081 For GDPR service
Micro-services node CloudBlue Commerce Management Node TCP 8081 For GDPR service

Operations system database node

TCP 5432 For connection to the PostgreSQL database

Communication Notes

To pull the application images, the GDPR server requires access to the internet either via a separate network interface (FrontNet) or via a proxy.

How to Install the GDPR Component

To install the GDPR component, do the following:

  1. Connect to the Management Node under the root user via SSH.
  2. Run this command:

    /usr/local/bin/helm install a8n/gdpr-backend --version <gdpr_real_version> --name <gdpr.name> --wait --timeout 600 --set oauthkey=$(echo -n `uuidgen` | base64),oauthsecret=$(echo -n `uuidgen` | base64),dsdbname=<gdpr.dsdbname>,dslogin=$(echo -n <gdpr.dslogin> | b64encode),dspassword=$(echo -n <gdpr.dspassword> | b64encode),dshost=<gdpr.dshost>-postgresql
  3. Wait for the component to be installed.
  4. When finished, it will appear in the list of applications (in Operations PCP, go to Services > Applications).

Micro-Service Node Clean-up Procedure

In case of an issue during GDPR deployment, the deployment procedure is aborted. You need to clean up the Micro-services node prior to another deployment attempt. The clean-up procedure steps are described below.

  1. If a node has the same IP, re-register the node in the Operations panel. If it is a new node (meaning it has a new BackNet IP), do the following:
    • Register the new node as new in the Operations panel.
    • Assign the K8s attribute to the node.
  2. Clean up the 10.96.0.0/12 route:
    1. Check if the IP route to the network 10.96.0.0/12 is configured:

      ip route

      Example output:

      10.96.0.0/12 via 192.168.117.40 dev eth0
    2. Remove the 10.96.0.0/12 route by the ip route del command. For example:

      ip route del 10.96.0.0/12 via 192.168.117.40 dev eth0
  3. Clean up the /etc/resolve.conf file:
    1. Remove the line:

      nameserver 10.96.0.10
    2. Remove default.svc.cluster.local from the search.

      Before modification:

      cat /etc/resolv.conf

      search inernal.zone default.svc.cluster.local

      nameserver 10.96.0.10

      nameserver 10.28.0.17

      nameserver 10.28.0.18

      After modification:

      cat /etc/resolv.conf

      search internal.zone

      nameserver 10.28.0.17

      nameserver 10.28.0.18

  4. Remove helm by running these commands:

    rm /usr/local/bin/helm -f
    rm /root/.helm -rf
  5. Remove kubectl by running these commands:

    yum remove kubectl -y
    rm /root/.kube -rf
    rm /etc/yum.repos.d/kubernetes.repo -f