View this page in the latest version of Appian. RPA Setup for Appian on Kubernetes Share Share via LinkedIn Reddit Email Copy Link Print On This Page Overview This page shows how to configure RPA in Appian on Kubernetes for self-managed customers. rpa-secret.yaml Users need to deploy a secret to their cluster namespace with credentials for connecting to the MariaDB data source used by Appian RPA. 1 2 3 4 5 6 7 8 9 apiVersion: v1 kind: Secret type: Opaque metadata: name: rpa-data-source-credentials namespace: my-site-namespace data: username: base64-encoded-username password: base64-encoded-password The values for username (should be appian) and password must be base64 encoded. If you run the following command, that should generate this secret, and handle the base64 encoding: 1 kubectl create secret generic -n my-site-namespace rpa-data-source-credentials --from-literal=username=appian --from-literal=password=my-password Note: Set your username to be appian The value for metadata name needs to match the name of the credentialSecretName and passwordSecretName used in the Appian YAML file. Note: You must store the secret in the same namespace as the Appian CR. Database Initialization for MariaDB Prerequisites Before proceeding, make sure you have: Access to a MariaDB server where you have permissions to create databases and users. The password used above in rpa-data-source-credentials. You will be setting up the username and password that secret corresponds to in this guide. Step 1: Log in to Your MariaDB Server First, connect to your MariaDB server using the MariaDB client. Replace your_username with your actual database username: 1 mysql -u your_username -p You will be prompted for your password. Enter it to proceed. Step 2: Create Databases Execute the following SQL commands to create the necessary databases. These commands are safe to run multiple times; they will not overwrite existing databases. 1 2 3 CREATE DATABASE IF NOT EXISTS Rpa; CREATE DATABASE IF NOT EXISTS Rtdo; CREATE DATABASE IF NOT EXISTS Rpdo; Step 3: Create User and Grant Permissions Replace password with the password you wish to use for your application's database connection. This step grants the necessary permissions for the newly created user on the databases created in the previous step. Note: The password used must be the same password used for rpa-data-source-credentials. 1 2 3 4 5 CREATE USER 'appian'@'%' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON Rpa.* TO 'appian'@'%'; GRANT ALL PRIVILEGES ON Rtdo.* TO 'appian'@'%'; GRANT ALL PRIVILEGES ON Rpdo.* TO 'appian'@'%'; FLUSH PRIVILEGES; Step 4: Verifying the Setup To verify that the databases and user have been set up correctly, you can log in as the newly created user and list the databases: 1 mysql -u appian -p Once logged in, execute: 1 SHOW DATABASES; You should see Rpa, Rtdo, and Rpdo listed among the databases. Restricting outbound traffic for RPA RPA requires unrestricted access to the internet by default, with RPA reaching out to Maven repositories on the internet when it checks for 3rd party dependencies (JARs) for each robotic task execution. (See the RPA Repository Management page for more information.) Alternatively, you can configure RPA to work in "offline" mode in order to prevent RPA from connecting to the public internet. RPA will be fully functional in "offline" mode; however, this may increase the export size for any Java-dependent Robotic Tasks. To restrict RPA from communicating with the public internet, set the value for .spec.rpa.properties.rpa.artifact.resolution to "offline". If the custom property is omitted, the default is "online". 1 2 3 4 5 6 7 8 apiVersion: crd.k8s.appian.com/v1beta1 kind: Appian metadata: name: appian spec: rpa: properties: rpa.artifact.resolution: "offline" Feedback Was this page helpful? SHARE FEEDBACK Loading...