Setting Up File Transfer Resources

This procedure describes how to set up optional Kubernetes resources for Control-M Managed File Transfer (MFT).

Begin

  1. Create one or more Persistent Volume Claim (PVC) for Control-M MFT to use to read/write files during a file transfer into or out of the Kubernetes cluster.

    These PVCs provide persistent storage within the Agent namespace, ensuring that transferred files remain accessible even if the MFT pod is restarted or rescheduled.

    1. Create a YAML file with the definitions of a Persistent Volume Claim (PVC), and apply the PVC in Kubernetes.

      The following is an example of such a YAML file:

      Copy 
      kind: PersistentVolumeClaim
      apiVersion: v1
      metadata:
        name: mft-pvc
      spec:
        accessModes:
          - ReadWriteMany
        storageClassName: <storageClassName>
        resources:
          requests:
            storage: 2Gi

    2. During Agent deployment, you can configure multiple PVCs for Control-M MFT. For each PVC, specify a corresponding mount point in the Agent pod, as shown below.

  2. Create a YAML file with the definitions of a ConfigMap that contains configuration settings for Control-M MFT, and apply the ConfigMap in Kubernetes.

    The following is an example of such a YAML file:

    Copy 
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: mft-config-params
    data:
      com.bmc.aft.configurable.ftp.protocolJobOutputDebugLevel: "DEBUG"
      com.bmc.aft.configurable.printTransferDefinitions: "true"

    Configuration parameter names and values in the ConfigMap are saved in the aft_configurable.properties file.

    For more information, see Configuring Control-M MFT in the aft_configurable.properties File.

  3. Create a Kubernetes secret that holds the list of private SSH keys that are used by Control-M MFT for SFTP key authentication.

    1. Obtain the private SSH keys that are used by Control-M MFT for SFTP key authentication.

    2. Create a Kubernetes secret by running the following command:

      kubectl create secret generic <secret_name> --from-file=<key1>=<path_to_key1> --from-file=<key2>=<path_to_key2>

      When you define parameters for SFTP-type MFT connection profiles for Kubernetes pods, you must use the same private key names (as <key1> and <key2>).

      During Agent deployment, each item in the list generates a key file that is stored in <Control-M/Agent_Home_Dir>/cm/AFT/data/Keys in the Agent pod.

  4. During the Agent deployment in the Kubernetes cluster, set the Helm installation parameters for the Kubernetes resources described in the previous steps, as in the following example:

    Copy 
    --set mft.pvcs[0].name=mft-pvc \
    --set mft.pvcs[0].mountPath=/mft_mountPath \
    --set mft.configParametersConfigMapName=mft-config-params \
    --set mft.sshPrivateKeySecretName=sshPrivateKeysSecret

    For more information, see Deploying Agents Using a Helm Chart and Helm Installation Parameters.

    To deploy an Agent with the MFT plug-in, use the 9.22.100-k8s-mft-openjdk image tag. To build a custom image from the MFT base image, use the 9.22.100-k8s-mft tag.