RPA Setup for Appian on Kubernetes Share Share via LinkedIn Reddit Email Copy Link Print On This Page Overview This page guides self-managed customers through configuring RPA in Appian on Kubernetes. Create and set up the rpa-secret.yaml file Before you begin, you must deploy a secret to your cluster namespace with credentials for connecting to the MariaDB data source used by Appian RPA. The rpa-secret.yaml file is a Kubernetes secret configuration file that stores these credentials (username and password). To complete these steps kubectl must be installed and configured, and you must have access to the appropriate Kubernetes namespace. To create and set up the rpa-secret.yaml file, complete the following steps. Create a YAML file named rpa-secret.yaml with the following content: 1 2 3 4 5 6 7 8 9 apiVersion: v1 kind: Secret type: Opaque metadata: name: rpa-data-source-credentials namespace: my-site-namespace data: username: base64-encoded-username password: base64-encoded-password Set your username to appian. Run the following command to generate the secret and base64 encode the values for username (which should be appian) and password. 1 kubectl create secret generic -n my-site-namespace rpa-data-source-credentials --from-literal=username=appian --from-literal=password=my-password Apply the secret to the cluster: 1 kubectl apply -f rpa-secret.yaml Verify the secret: Ensure the secret is in the correct namespace: 1 kubectl get secrets -n my-site-namespace The value for metadata name needs to match the name of the credentialSecretName and passwordSecretName used in the Appian YAML file. Note: You must store the secret in the same namespace as the Appian CR. MariaDB database configuration and initialization Prerequisites Before proceeding, make sure you have: Access to a MariaDB server where you have permissions to create databases and users. The password used above in rpa-data-source-credentials. You will be setting up the username and password that secret corresponds to in this guide. Step 1: Log in to Your MariaDB Server First, connect to your MariaDB server using the MariaDB client. Replace your_username with your actual database username: 1 mysql -u your_username -p You will be prompted for your password. Enter it to proceed. Step 2: Create Databases Execute the following SQL commands to create the necessary databases. These commands are safe to run multiple times; they will not overwrite existing databases. 1 2 3 CREATE DATABASE IF NOT EXISTS Rpa; CREATE DATABASE IF NOT EXISTS Rtdo; CREATE DATABASE IF NOT EXISTS Rpdo; Step 3: Create User and Grant Permissions Replace password with the password you wish to use for your application's database connection. This step grants the necessary permissions for the newly created user on the databases created in the previous step. Note: The password used must be the same password used for rpa-data-source-credentials. 1 2 3 4 5 CREATE USER 'appian'@'%' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON Rpa.* TO 'appian'@'%'; GRANT ALL PRIVILEGES ON Rtdo.* TO 'appian'@'%'; GRANT ALL PRIVILEGES ON Rpdo.* TO 'appian'@'%'; FLUSH PRIVILEGES; Step 4: Verifying the Setup To verify that the databases and user have been set up correctly, you can log in as the newly created user and list the databases: 1 mysql -u appian -p Once logged in, execute: 1 SHOW DATABASES; You should see Rpa, Rtdo, and Rpdo listed among the databases. Restricting outbound traffic for RPA RPA requires unrestricted access to the internet by default, with RPA reaching out to Maven repositories on the internet when it checks for 3rd party dependencies (JARs) for each robotic task execution. (See the RPA Repository Management page for more information.) Alternatively, you can configure RPA to work in "offline" mode in order to prevent RPA from connecting to the public internet. RPA will be fully functional in "offline" mode; however, this may increase the export size for any Java-dependent Robotic Tasks. To restrict RPA from communicating with the public internet, set the value for .spec.rpa.properties.rpa.artifact.resolution to "offline". If the custom property is omitted, the default is "online". 1 2 3 4 5 6 7 8 apiVersion: crd.k8s.appian.com/v1beta1 kind: Appian metadata: name: appian spec: rpa: properties: rpa.artifact.resolution: "offline" Feedback Was this page helpful? SHARE FEEDBACK Loading...