Getting Started

Overview
This section presents how to quickly run the WorkflowGen container with a minimal architecture on Kubernetes.
There are known limitations when using Hyper-V isolation with the WorkflowGen container in WorkflowGen versions 7.19.x and earlier. It's recommended to use process isolation exclusively. This limitation no longer applies as of WorkflowGen version 7.20.0.
Kubernetes with AKS
This example is designed for Azure Kubernetes Service (AKS). To get started with AKS, see the Create a Windows Server container on an Azure Kubernetes Service (AKS) cluster using the Azure CLI Microsoft article.
Architecture overview
At the end of this section, you'll have this cluster configuration:
Azure resources view
Kubernetes objects view
Every container in the cluster will have access to the configuration and secrets inside their namespaces. Several Azure services will be deployed by Azure Kubernetes Service. This doesn't require any manual steps other than interacting with Kubernetes itself. The load balancer that the service will create will dispatch the requests between the WorkflowGen server replicas.
Prerequisites
You must have a working Kubernetes cluster with Windows Server 2019 nodes. See the Azure resources view above for a basic AKS setup. See Create a Windows Server container on an Azure Kubernetes Service (AKS) cluster using the Azure CLI to get started with creating an AKS cluster with Windows nodes support.

You must have installed the kubectl command line tool and it must be connected to the cluster. See the ​Create a Windows Server container on an Azure Kubernetes Service (AKS) cluster using the Azure CLI Microsoft article for instructions on how to connect kubectl with AKS.
As well, note that you should not create any other resources in Azure besides the cluster and its nodes. All required resources for the containers will be created by Kubernetes automatically. AKS is a fully-managed platform.
Add a PersistentVolumeClaim for shared storage
Now, you need to add a claim that represent the WorkflowGen data volume that will be used by your deployment. To do this, apply the following YAML to your cluster:
1
apiVersion: v1
2
kind: PersistentVolumeClaim
3
metadata:
4
  name: wfgdata-pvc
5
spec:
6
  accessModes:
7
    - ReadWriteMany
8
  storageClassName: azurefile
9
  resources:
10
    requests:
11
      storage: 50Gi
Copied!
Then, apply it to the cluster using the following command:
1
kubectl apply -c .\wfgdata-pvc.yml
Copied!
Add your WorkflowGen license file to the cluster
Kubernetes enables you to manage secrets and configurations as files inside the cluster and inject them into pods. In this case, you'll add your license file as a secret and later inject it to the WorkflowGen pod. To add your license to the cluster, execute the following command:
1
kubectl create secret generic wfgen-license-secret --from-file C:\Path\To\WorkflowGen.lic
Copied!
Add ConfigMaps for the services
As mentioned earlier, there is a mechanism in Kubernetes that allows you to manage your containers' configurations. Here, you'll create one for WorkflowGen and another for the database:
1
apiVersion: v1
2
kind: ConfigMap
3
metadata:
4
  name: wfgen-config
5
data:
6
  WFGEN_APP_SETTING_ApplicationUrl: http://10.0.1.1/wfgen
7
  WFGEN_DATABASE_CONNECTION_STRING_FILE: C:\secrets\WFGEN_DATABASE_CONNECTION_STRING
8
  WFGEN_APP_SETTING_ApplicationSerialNumber_FILE: C:\secrets\ApplicationSerialNumber
9
  WFGEN_APP_SETTING_ApplicationSecurityPasswordSymmetricEncryptionKey_FILE: C:\secrets\ApplicationSecurityPasswordSymmetricEncryptionKey
10
  WFGEN_MACHINE_KEY_DECRYPTION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_DECRYPTION_KEY
11
  WFGEN_MACHINE_KEY_VALIDATION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_VALIDATION_KEY
12
---
13
apiVersion: v1
14
kind: ConfigMap
15
metadata:
16
  name: database-config
17
data:
18
  ACCEPT_EULA: 'Y'
19
  SA_PASSWORD_FILE: /mnt/secrets/SA_PASSWORD
20
  WFGEN_DATABASE_USER_USERNAME_FILE: /mnt/secrets/WFGEN_DATABASE_USER_USERNAME
21
  WFGEN_DATABASE_USER_PASSWORD_FILE: /mnt/secrets/WFGEN_DATABASE_USER_PASSWORD
22
  WFGEN_ADMIN_PASSWORD_FILE: /mnt/secrets/WFGEN_ADMIN_PASSWORD
Copied!
The WFGEN_APP_SETTING_ApplicationUrl value will be changed to the load balancer's IP address after creating the WorkflowGen services. Therefore, it doesn't matter for now what is put in there because it will be changed later in this example.
Don't forget to apply this configuration:
1
kubectl apply -f .\config.yml
Copied!
Add secrets for the services
Kubernetes also manages secrets for you. They are securely stored and only given to the containers as files.
You need an encryption key to put as a secret:
1
[guid]::NewGuid().ToString('N')
2
# fda7a6a81db2428b8885bd1210522755
Copied!
Before creating the secrets, you must encode them in base64:
1
using namespace System.Text
2
​
3
function ConvertTo-Base64String {
4
    [CmdletBinding()]
5
    [OutputType([string])]
6
    param (
7
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)]
8
        [ValidateNotNullOrEmpty()]
9
        [string]$Value
10
    )
11
​
12
    process {
13
        return [Convert]::ToBase64String([Encoding]::UTF8.GetBytes($Value))
14
    }
15
}
16
​
17
# Database containers
18
"strong(!)Pass" | ConvertTo-Base64String # c3Ryb25nKCEpUGFzcw==
19
"WFGEN_USER" | ConvertTo-Base64String # V0ZHRU5fVVNFUg==
20
​
21
# WorkflowGen containers
22
"<YOUR_WFG_LIC_KEY>" | ConvertTo-Base64String # PFlPVVJfV0ZHX0xJQ19LRVk+
23
"<YOU_NEW_GUID>" | ConvertTo-Base64String # PFlPVV9ORVdfR1VJRD4=
24
"Server=database-0.database.default.svc.cluster.local,1433;Database=WFGEN;User ID=WFGEN_USER;Password=strong(!)Pass;" `
25
    | ConvertTo-Base64String # V0ZHRU5fREFUQUJBU0VfQ09OTkVDVElPTl9TVFJJTkc9RGF0YSBTb3VyY2U9ZGF0YWJhc2UsMTQzMztOZXR3b3JrIExpYnJhcnk9REJNU1NPQ047SW5pdGlhbCBDYXRhbG9nPVdGR0VOO1VzZXIgSUQ9V0ZHRU5fVVNFUjtQYXNzd29yZD1zdHJvbmcoISlQYXNzOw==
26
"39B3AE9CCCF94AA47D795EC84F7CCB7928F5D59BE2EB2BBA4FE2AC0B3C8D0C85" | ConvertTo-Base64String # MzlCM0FFOUNDQ0Y5NEFBNDdENzk1RUM4NEY3Q0NCNzkyOEY1RDU5QkUyRUIyQkJBNEZFMkFDMEIzQzhEMEM4NQ==
27
"82F6247A5DBF8666FB60B8EFE6483360436F0EC426CC0351A9569C607B46C1FAD6497406DD8B0B519DD83CAA6764904C89999D742638ECE756E7C0B8799B45E9" `
28
    | ConvertTo-Base64String # ODJGNjI0N0E1REJGODY2NkZCNjBCOEVGRTY0ODMzNjA0MzZGMEVDNDI2Q0MwMzUxQTk1NjlDNjA3QjQ2QzFGQUQ2NDk3NDA2REQ4QjBCNTE5REQ4M0NBQTY3NjQ5MDRDODk5OTlENzQyNjM4RUNFNzU2RTdDMEI4Nzk5QjQ1RTk=
Copied!
Replace <YOUR_WFG_LIC_KEY> with your WorkflowGen license key, and replace <YOUR_NEW_GUID> with the GUID that you generated.
Those encoded values will go into the secrets declaration. To create the required secrets for the services, apply the following YAML:
1
apiVersion: v1
2
kind: Secret
3
metadata:
4
  name: database-sec
5
type: Opaque
6
data:
7
  SA_PASSWORD: c3Ryb25nKCEpUGFzcw==
8
  WFGEN_DATABASE_USER_PASSWORD: c3Ryb25nKCEpUGFzcw==
9
  WFGEN_ADMIN_PASSWORD: c3Ryb25nKCEpUGFzcw==
10
  WFGEN_DATABASE_USER_USERNAME: V0ZHRU5fVVNFUg==
11
---
12
apiVersion: v1
13
kind: Secret
14
metadata:
15
  name: wfgen-sec
16
type: Opaque
17
data:
18
  ApplicationSerialNumber: <YOUR_WFG_LIC_KEY_BASE64>
19
  ApplicationSecurityPasswordSymmetricEncryptionKey: <YOUR_NEW_GUID_BASE64>
20
  WFGEN_DATABASE_CONNECTION_STRING: V0ZHRU5fREFUQUJBU0VfQ09OTkVDVElPTl9TVFJJTkc9RGF0YSBTb3VyY2U9ZGF0YWJhc2UsMTQzMztOZXR3b3JrIExpYnJhcnk9REJNU1NPQ047SW5pdGlhbCBDYXRhbG9nPVdGR0VOO1VzZXIgSUQ9V0ZHRU5fVVNFUjtQYXNzd29yZD1zdHJvbmcoISlQYXNzOw==
21
  WFGEN_MACHINE_KEY_DECRYPTION_KEY: MzlCM0FFOUNDQ0Y5NEFBNDdENzk1RUM4NEY3Q0NCNzkyOEY1RDU5QkUyRUIyQkJBNEZFMkFDMEIzQzhEMEM4NQ==
22
  WFGEN_MACHINE_KEY_VALIDATION_KEY: ODJGNjI0N0E1REJGODY2NkZCNjBCOEVGRTY0ODMzNjA0MzZGMEVDNDI2Q0MwMzUxQTk1NjlDNjA3QjQ2QzFGQUQ2NDk3NDA2REQ4QjBCNTE5REQ4M0NBQTY3NjQ5MDRDODk5OTlENzQyNjM4RUNFNzU2RTdDMEI4Nzk5QjQ1RTk=
Copied!
Replace <YOUR_WFG_LIC_KEY_BASE64> with the value generated in the previous step for the WorkflowGen license key, and replace <YOUR_NEW_GUID_BASE64> with the value generated in the previous step for the new GUID.
Don't forget to apply this:
1
kubectl apply -f secrets.yml
Copied!
Deploy the containers
You're now ready to deploy the services. You'll create two Deployment objects and one ReplicaSet object. The deployment will create ReplicaSets for all the services with different configurations. Those deployments can later be configured to automatically scale with the pods' usage. The ReplicaSet will provide the necessary services to the database container in order to run properly and avoid data losses. Don't forget that there should only be one instance of each WorkflowGen Windows Service running at all time. This container pattern is called a Singleton.
Database
This configuration will deploy the StatefulSet database along with a headless service. This object will also create a persistent volume claim based on the template provided in the declaration.
1
apiVersion: v1
2
kind: Service
3
metadata:
4
  name: database
5
spec:
6
  type: ClusterIP
7
  clusterIP: None
8
  ports:
9
    - port: 1433
10
      targetPort: mssql
11
      protocol: TCP
12
      name: mssql
13
  selector:
14
    app.kubernetes.io/name: workflowgen
15
    app.kubernetes.io/component: database
16
---
17
apiVersion: apps/v1
18
kind: StatefulSet
19
metadata:
20
  name: database
21
spec:
22
  replicas: 1
23
  serviceName: database
24
  selector:
25
    matchLabels:
26
      app.kubernetes.io/name: workflowgen
27
      app.kubernetes.io/component: database
28
  template:
29
    metadata:
30
      labels:
31
        app.kubernetes.io/name: workflowgen
32
        app.kubernetes.io/component: database
33
    spec:
34
      terminationGracePeriodSeconds: 10
35
      nodeSelector:
36
        kubernetes.io/os: linux
37
      containers:
38
        - name: database
39
          image: advantys/workflowgen-sql:7.18.3-ubuntu-18.04
40
          imagePullPolicy: Always
41
          securityContext:
42
            runAsUser: 0
43
            runAsGroup: 0
44
          resources:
45
            requests:
46
              memory: "1Gi"
47
              cpu: "500m"
48
            limits:
49
              memory: "2Gi"
50
              cpu: "1"
51
          envFrom:
52
            - configMapRef:
53
                name: database-config
54
          ports:
55
            - name: mssql
56
              containerPort: 1433
57
          livenessProbe:
58
            initialDelaySeconds: 30
59
            timeoutSeconds: 5
60
            exec:
61
              command:
62
                - pwsh
63
                - -NoLogo
64
                - -NoProfiles
65
                - /usr/local/bin/healthcheck.ps1
66
          readinessProbe:
67
            initialDelaySeconds: 20
68
            timeoutSeconds: 5
69
            exec:
70
              command:
71
                - pwsh
72
                - -NoLogo
73
                - -NoProfiles
74
                - /usr/local/bin/healthcheck.ps1
75
          volumeMounts:
76
            - mountPath: /var/opt/mssql
77
              name: sqldata
78
            - mountPath: /mnt/secrets
79
              readOnly: true
80
              name: secrets
81
      volumes:
82
        - name: secrets
83
            secret:
84
              secretName: database-sec
85
  volumeClaimTemplates:
86
    - metadata:
87
        name: sqldata
88
      spec:
89
        accessModes:
90
          - ReadWriteOnce
91
        storageClassName: default
92
        resources:
93
          requests:
94
            storage: 100Gi
Copied!
Apply the database first:
1
kubectl apply -f database.yml
Copied!
WorkflowGen web applications
1
apiVersion: apps/v1
2
kind: Deployment
3
metadata:
4
  name: wfgen-webapps
5
spec:
6
  replicas: 3
7
  strategy:
8
    type: Recreate
9
  selector:
10
    matchLabels:
11
      app.kubernetes.io/name: workflowgen
12
      app.kubernetes.io/component: webapps
13
  template:
14
    metadata:
15
      labels:
16
        app.kubernetes.io/name: workflowgen
17
        app.kubernetes.io/component: webapps
18
    spec:
19
      nodeSelector:
20
        kubernetes.io/os: windows
21
      containers:
22
        - name: wfgen
23
          image: advantys/workflowgen:7.18.3-win-ltsc2019
24
          imagePullPolicy: Always
25
          resources:
26
            requests:
27
              memory: "2Gi"
28
              cpu: "1"
29
            limits:
30
              memory: "2Gi"
31
              cpu: "1"
32
          ports:
33
            - name: http
34
              containerPort: 80
35
              protocol: TCP
36
          envFrom:
37
            - configMapRef:
38
                name: wfgen-config
39
          env:
40
            - name: WFGEN_START_SERVICE
41
              value: webapps
42
          livenessProbe:
43
            periodSeconds: 30
44
            timeoutSeconds: 5
45
            initialDelaySeconds: 60
46
            exec:
47
              command:
48
                - powershell
49
                - C:\healthcheck.ps1
50
          livenessProbe:
51
            timeoutSeconds: 5
52
            initialDelaySeconds: 60
53
            exec:
54
              command:
55
                - powershell
56
                - -Command
57
                - if (Test-Path "C:\iislog\W3SVC\*log") { return 0 } else { return 1 }
58
          volumeMounts:
59
            - mountPath: C:\wfgen\data
60
              name: wfgdata
61
            - mountPath: C:\wfgen\licenses
62
              readOnly: true
63
              name: licenses
64
            - mountPath: C:\secrets
65
              readOnly: true
66
              name: secrets
67
      volumes:
68
        - name: wfgdata
69
          persistentVolumeClaim:
70
            claimName: wfgdata-pvc
71
        - name: licenses
72
          secret:
73
            secretName: wfgen-license-secret
74
            items:
75
              # The following must match the name of the license item in 
76
              # the license secret, e.g. the name of the license file
77
              - key: WorkflowGen.lic
78
                path: WorkflowGen.lic
79
        - name: secrets
80
            secret:
81
              secretName: wfgen-sec
Copied!
Apply this replication controller:
1
kubectl apply -f wfgen-webapps.yml
Copied!
Windows Services deployment
1
apiVersion: apps/v1
2
kind: Deployment
3
metadata:
4
  name: wfgen-winservices
5
spec:
6
  replicas: 1 # Singleton pattern
7
  strategy:
8
    type: Recreate
9
  selector:
10
    matchLabels:
11
      app.kubernetes.io/name: workflowgen
12
      app.kubernetes.io/component: winservices
13
  template:
14
    metadata:
15
      labels:
16
        app.kubernetes.io/name: workflowgen
17
        app.kubernetes.io/component: winservices
18
    spec:
19
      nodeSelector:
20
        kubernetes.io/os: windows
21
      containers:
22
        - name: wfgen-dir-sync
23
          image: advantys/workflowgen:7.18.3-win-ltsc2019
24
          resources:
25
            requests:
26
              memory: "1Gi"
27
              cpu: "500m"
28
            limits:
29
              memory: "1Gi"
30
              cpu: "750m"
31
          envFrom:
32
            - configMapRef:
33
                name: wfgen-config
34
          env:
35
            - name: WFGEN_START_SERVICE
36
              value: dir_sync
37
          livenessProbe:
38
            periodSeconds: 30
39
            timeoutSeconds: 5
40
            initialDelaySeconds: 60
41
            exec:
42
              command:
43
                - powershell
44
                - C:\healthcheck.ps1
45
          volumeMounts:
46
            - mountPath: C:\wfgen\data
47
              name: wfgdata
48
            - mountPath: C:\wfgen\licenses
49
              readOnly: true
50
              name: licenses
51
            - mountPath: C:\secrets
52
              readOnly: true
53
              name: secrets
54
        - name: wfgen-engine
55
          image: advantys/workflowgen:7.18.3-win-ltsc2019
56
          resources:
57
            requests:
58
              memory: "1Gi"
59
              cpu: "500m"
60
            limits:
61
              memory: "1Gi"
62
              cpu: "750m"
63
          envFrom:
64
            - configMapRef:
65
                name: wfgen-config
66
          env:
67
            - name: WFGEN_START_SERVICE
68
              value: engine
69
          livenessProbe:
70
            periodSeconds: 30
71
            timeoutSeconds: 5
72
            initialDelaySeconds: 60
73
            exec:
74
              command:
75
                - powershell
76
                - C:\healthcheck.ps1
77
          volumeMounts:
78
            - mountPath: C:\wfgen\data
79
              name: wfgdata
80
            - mountPath: C:\wfgen\licenses
81
              readOnly: true
82
              name: licenses
83
            - mountPath: C:\secrets
84
              readOnly: true
85
              name: secrets
86
      volumes:
87
        - name: wfgdata
88
          persistentVolumeClaim:
89
            claimName: wfgdata-pvc
90
        - name: licenses
91
          secret:
92
            secretName: fgen-license-secret
93
            items:
94
              # The following must match the name of the license item in 
95
              # the license secret, e.g. the name of the license file
96
              - key: WorkflowGen.lic
97
                path: WorkflowGen.lic
98
        - name: secrets
99
            secret:
100
              secretName: wfgen-sec
Copied!
Apply the Windows Services:
1
kubectl apply -f wfgen-win-services.yml
Copied!
Add a load balancer
Now, you need to add a public-facing load balancer in order to dispatch requests to your pods. To do this, execute the following command:
1
kubectl expose deployment wfgen-webapps --type=LoadBalancer --name=wfgen-service
Copied!
You now need to wait for the IP to be provisioned. Execute the following command periodically until you get the load balancer's public IP:
1
kubectl get services wfgen-service
Copied!
Once the value of EXTERNAL-IP is provisioned, copy it and modify the WorkflowGen configuration to change the WFGEN_APP_SETTING_ApplicationUrl value:
1
# wfgen-config.yml
2
apiVersion: v1
3
kind: ConfigMap
4
metadata:
5
  name: wfgen-config
6
data:
7
  WFGEN_APP_SETTING_ApplicationUrl: 'http://<EXTERNAL_IP>/wfgen'
8
  WFGEN_DATABASE_CONNECTION_STRING_FILE: C:\secrets\WFGEN_DATABASE_CONNECTION_STRING
9
  WFGEN_APP_SETTING_ApplicationSerialNumber_FILE: C:\secrets\ApplicationSerialNumber
10
  WFGEN_APP_SETTING_ApplicationSecurityPasswordSymmetricEncryptionKey_FILE: C:\secrets\ApplicationSecurityPasswordSymmetricEncryptionKey
11
  WFGEN_MACHINE_KEY_DECRYPTION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_DECRYPTION_KEY
12
  WFGEN_MACHINE_KEY_VALIDATION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_VALIDATION_KEY
Copied!
Replace <EXTERNAL_IP> with the value of EXTERNAL-IP that you have.
Apply it:
1
kubectl apply -f wfgen-config.yml
Copied!
Then, restart all of the pods in the WorkflowGen deployment to apply the changes to them. You have to do this for the Windows services as well. To do this, execute the following commands:
1
kubctl scale deployment wfgen-webapps --replicas 0 -n wfgen-service
2
kubctl scale deployment wfgen-winservices --replicas 0 -n wfgen-service
3
​
4
# Wait until the scaling is done and then scale up
5
kubctl scale deployment wfgen-webapps --replicas 3 -n wfgen-service
6
kubctl scale deployment wfgen-winservices --replicas 1 -n wfgen-service
Copied!
You should now have a working WorkflowGen with a load balancer and a database.
Kubernetes with AKS using Helm
Helm is a package manager–like tool for Kubernetes. It manages the sharing, deployment, updates and rollbacks of software developed for Kubernetes. Based on values provided, Helm generates definition files for the cluster with the template engine from the Go programming language. For each release, WorkflowGen now produces a chart that you can use with your cluster. To have the latest bug fixes and features from the chart, make sure to always pick the chart released with the latest update of WorkflowGen.
Architecture overview
At the end of this section, you'll have this cluster configuration:
Azure resources view
Kubernetes objects view
Every container in the cluster will have access to the configuration and secrets inside their namespaces. Several Azure services will be deployed by Azure Kubernetes Service. This doesn't require any manual steps other than interacting with Kubernetes itself. The load balancer that the service will create will dispatch the requests between the WorkflowGen server replicas.
Prerequisites
You must have a working Kubernetes cluster with Windows Server 2019 nodes. See the Azure resources view above for a basic AKS setup. See Create a Windows Server container on an Azure Kubernetes Service (AKS) cluster using the Azure CLI to get started with creating an AKS cluster with Windows node support.

You must have installed the kubectl command line tool and it must be connected to the cluster. See the ​Create a Windows Server container on an Azure Kubernetes Service (AKS) cluster using the Azure CLI Microsoft article for instructions on how to connect kubectl with AKS.

You must have installed the Helm command line tool. See the Installing Helm section on the Helm website for instructions on how to install it. Only the Helm version 3.0+ is supported.
As well, note that you should not create any other resources in Azure besides the cluster and its nodes. All required resources for the containers will be created by Kubernetes automatically. AKS is a fully-managed platform.
Create the symmetric encryption key
This value should be generated by you. A simple GUID will suffice since it has sufficient entropy not to be guessed:
1
[guid]::NewGuid().ToString('N')
2
# fda7a6a81db2428b8885bd1210522755
Copied!
Add your WorkflowGen license file to the cluster
Kubernetes enables you to manage secrets and configurations as files inside the cluster and inject them into pods. In this case, you'll add your license file as a secret and later inject it to the WorkflowGen pod. To add your license to the cluster, execute the following command:
1
kubectl create secret generic wfgen-license-secret --from-file C:\Path\To\WorkflowGen.lic
Copied!
Create a file with your values for the Chart
In order to generate the templates tailored to your configuration expectations, you have to provide some values to the helm command when you install or update a release. You can specify those values using the command line interface or with a file. In the case of a new installation, it will be easier with a file. Here are the values that you will need:
1
replicaCount: 3
2
​
3
workflowgen:
4
  resources:
5
    limits:
6
      cpu: '1'
7
      memory: 2Gi
8
    requests:
9
      cpu: '1'
10
      memory: 2Gi
11
  config:
12
    WFGEN_APP_SETTING_ApplicationUrl: http://10.0.1.1/wfgen
13
    WFGEN_DATABASE_CONNECTION_STRING_FILE: C:\secrets\WFGEN_DATABASE_CONNECTION_STRING
14
    WFGEN_APP_SETTING_ApplicationSerialNumber_FILE: C:\secrets\ApplicationSerialNumber
15
    WFGEN_APP_SETTING_ApplicationSecurityPasswordSymmetricEncryptionKey_FILE: C:\secrets\ApplicationSecurityPasswordSymmetricEncryptionKey
16
    WFGEN_MACHINE_KEY_DECRYPTION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_DECRYPTION_KEY
17
    WFGEN_MACHINE_KEY_VALIDATION_KEY_FILE: C:\secrets\WFGEN_MACHINE_KEY_VALIDATION_KEY
18
  secret:
19
    ApplicationSerialNumber: <YOUR_WFG_LIC_KEY>
20
    ApplicationSecurityPasswordSymmetricEncryptionKey: <YOUR_NEW_GUID>
21
    WFGEN_DATABASE_CONNECTION_STRING: 'Server=wfgen-database-0.wfgen-database.default.svc.cluster.local,1433;Database=WFGEN;User ID=WFGEN_USER;Password=strong(!)Pass;'
22
    WFGEN_MACHINE_KEY_DECRYPTION_KEY: '39B3AE9CCCF94AA47D795EC84F7CCB7928F5D59BE2EB2BBA4FE2AC0B3C8D0C85'
23
    WFGEN_MACHINE_KEY_VALIDATION_KEY: '82F6247A5DBF8666FB60B8EFE6483360436F0EC426CC0351A9569C607B46C1FAD6497406DD8B0B519DD83CAA6764904C89999D742638ECE756E7C0B8799B45E9'
24
  license:
25
    secretName: wfgen-license-secret
26
    items:
27
      - key: WorkflowGen.lic
28
        path: WorkflowGen.lic
29
  dataPvcSpec:
30
    accessModes:
31
      - ReadWriteMany
32
    storageClassName: azurefile
33
    resources:
34
      requests:
35
        storage: 50Gi
36
  service:
37
    type: LoadBalancer
38
​
39
winServices:
40
  dirSync:
41
    resources:
42
      limits:
43
        cpu: '1'
44
        memory: 1Gi
45
      requests:
46
        cpu: '500M'
47
        memory: 1Gi
48
  engine:
49
    resources:
50
      limits:
51
        cpu: '1'
52
        memory: 1Gi
53
      requests:
54
        cpu: '500M'
55
        memory: 1Gi
56
​
57
database:
58
  fullnameOverride: wfgen-database
59
  nodeSelector:
60
    kubernetes.io/os: linux
61
  securityContext:
62
    runAsUser: 0
63
    runAsGroup: 0
64
  resources:
65
    limits:
66
      cpu: '1'
67
      memory: 2Gi
68
    requests:
69
      cpu: '500m'
70
      memory: 1Gi
71
  config:
72
    ACCEPT_EULA: 'Y'
73
    SA_PASSWORD_FILE: /mnt/secrets/SA_PASSWORD
74
    WFGEN_DATABASE_USER_USERNAME_FILE: /mnt/secrets/WFGEN_DATABASE_USER_USERNAME
75
    WFGEN_DATABASE_USER_PASSWORD_FILE: /mnt/secrets/WFGEN_DATABASE_USER_PASSWORD
76
    WFGEN_ADMIN_PASSWORD_FILE: /mnt/secrets/WFGEN_ADMIN_PASSWORD
77
  secret:
78
    SA_PASSWORD: 'strong(!)Pass'
79
    WFGEN_DATABASE_USER_PASSWORD: 'strong(!)Pass'
80
    WFGEN_ADMIN_PASSWORD: 'strong(!)Pass'
81
    WFGEN_DATABASE_USER_USERNAME: WFGEN_USER
82
  volumeClaimTemplateSpec:
83
    accessModes:
84
      - ReadWriteOnce
85
    storageClassName: default
86
    resources:
87
      requests:
88
        storage: 100Gi
89
​
90
ingress:
91
  enabled: false
92
​
Copied!
Replace <YOUR_WFG_LIC_KEY> with your WorkflowGen license key, and replace <YOUR_NEW_GUID> with the GUID that you generated.
You can save this file as values.yaml. The name is not important.
Install the WorkflowGen chart
You now need to install the chart with those values. To do this, execute the following command:
1
helm install -f .\values.yaml wfg https://github.com/advantys/workflowgen-releases/releases/download/7.18.3/workflowgen-0.0.3.tgz
Copied!
Helm will generate Kubernetes deployment files for you and install them on the cluster.
Update the application URL
This configuration will create a load balancer in front of the WorkflowGen containers. You will need to wait for it to get a public IP address. Execute the following command periodically until you get the load balancer's public IP:
1
kubectl get services wfgen-service
Copied!
Once the value of EXTERNAL-IP is provisioned, copy it and modify the WorkflowGen configuration to change the WFGEN_APP_SETTING_ApplicationUrl value. To do this, you first need to get the name of the ConfigMap associated with the WorkflowGen deployment. The following command will give you all the ConfigMap objects in the default namespace:
1
kubectl get configmap
Copied!
Copy the WorkflowGen ConfigMap name and replace <WFG_CONFIG_MAP> with the value in the following command:
1
kubectl edit configmap "<WFGEN_CONFIG_MAP>"
Copied!
This will bring up an editor so you can replace the WFGEN_APP_SETTING_ApplicationUrl value with the correct IP address from the load balancer service. Save the file and exit the editor. To apply the changes made to the ConfigMap object, restart all of the pods in the WorkflowGen deployment. You have to do this for the Windows services as well. Get the name of the deployments with the following command:
1
kubectl get deployment
Copied!
Replace <WEB_APPS_DEPLOYMENT_NAME> and <WIN_SERVICES_DEPLOYMENT_NAME> in the following script with the correct deployment names to restart all containers:
1
kubctl scale deployment "<WEB_APPS_DEPLOYMENT_NAME>" --replicas 0 -n wfgen-service
2
kubctl scale deployment "<WIN_SERVICES_DEPLOYMENT NAME>" --replicas 0 -n wfgen-service
3
​
4
# Wait until the scaling is done and then scale up
5
kubctl scale deployment "<WEB_APPS_DEPLOYMENT_NAME>" --replicas 3 -n wfgen-service
6
kubctl scale deployment "<WIN_SERVICES_DEPLOYMENT NAME>" --replicas 1 -n wfgen-service
Copied!
You should now have a working WorkflowGen with a load balancer and a database.