Home
MATRIXX Installation and Upgrade
Installing MATRIXX
A cloud native MATRIXX installation consists of containers installed with the MATRIXX Helm chart in a multi-node Kubernetes cluster (or clusters), requiring MATRIXX images and MATRIXX Engine custom resource definitions and controllers.
Installing and Configuring Helm
The Helm package manager provides a mechanism for deploying Kubernetes manifest files in a controlled manner and facilitates application upgrade, scaling, and, where necessary, rollback. To use the MATRIXX Helm chart, install the Helm software, create a chart repository, and load the MATRIXX Helm chart and sub-charts into your repository.
Service Accounts
Service accounts are created by default by the MATRIXX Helm chart, assuming the associated components have been enabled. These service accounts are required as the related components interact with the Kubernetes API.

Welcome
MATRIXX Release Notes
MATRIXX Architecture
MATRIXX Installation and Upgrade
- About MATRIXX Installation and Upgrade
  MATRIXX Installation and Upgrade describes the tasks required to install MATRIXX components as containers using Kubernetes and Helm.
- Cloud Native Infrastructure Requirements
  Cloud native MATRIXX deployments have infrastructure requirements for third-party software versions, Kubernetes pod characteristics, and container characteristics. Nodes running MATRIXX components have operating system, memory, networking, and storage requirements.
- Topology Operator and Engine Operator Feature Differences
  Different MATRIXX features are supported depending on whether your installation is based on Topology Operator or Engine Operator.
- Installing MATRIXX
  A cloud native MATRIXX installation consists of containers installed with the MATRIXX Helm chart in a multi-node Kubernetes cluster (or clusters), requiring MATRIXX images and MATRIXX Engine custom resource definitions and controllers.
  - Obtain and Host Images
    Obtain the images, Helm chart, and utility scripts from MATRIXX, and host the images in an image repository so that they can be retrieved and instantiated as containers.
  - Installing and Configuring Helm
    The Helm package manager provides a mechanism for deploying Kubernetes manifest files in a controlled manner and facilitates application upgrade, scaling, and, where necessary, rollback. To use the MATRIXX Helm chart, install the Helm software, create a chart repository, and load the MATRIXX Helm chart and sub-charts into your repository.
    - Service Accounts
      Service accounts are created by default by the MATRIXX Helm chart, assuming the associated components have been enabled. These service accounts are required as the related components interact with the Kubernetes API.
    - Required Helm Role Access Permissions
      The user account that deploys MATRIXX has specific Helm role requirements.
  - Install the MATRIXX Charts in the Kubernetes Cluster
    After you install Helm and configure a private chart repository containing the MATRIXX charts, use Helm to install MATRIXX in the Kubernetes cluster.
  - Install in Multiple Namespaces
    Installing MATRIXX across multiple Kubernetes namespaces allows sub-groups of components to be upgraded without affecting the operation of other components.
  - Add or Remove a Domain in a Multi Domain Deployment
    When adding or removing domains, identify (or remove) the domain ID in the topology section of your Helm values file(s) and redeploy the common SBA Gateway CHF (for inbound traffic) and Traffic Routing Agent (TRA-RT/DR) instances for the deployment.
  - Engine Management
    Two different methods of MATRIXX Engine management are available: Topology Operator (default), and Engine Operator.
- Topology Operator Installation and Upgrade Examples
  These examples show how you can configure the installation of multiple MATRIXX Engines in a single namespace, multiple namespaces in a single cluster, and multiple clusters.
- Configuring MATRIXX
  MATRIXX is configured using Helm properties. Questions and answers in create_config.info files can also provide configuration using configuration sources. For information about how to configure MATRIXX, see the discussions of those topics in MATRIXX Configuration.
- Topology Operator
  The Topology Operator method of MATRIXX Engine pod management utilizes multiple custom resources (CRs) and operator pods working together to manage the installation and upgrade of multiple sub-domains and engines across Kubernetes clusters, including the loading of pricing and taxation data.
- Scaling MATRIXX
  Use Helm and Kubernetes to manually add or remove pods as necessary. You can also use Kubernetes to manage resources available to MATRIXX Engine pods.
- Network Enablers in a Kubernetes Cluster
  For Call Control Framework (CCF), only the deployment of Network Enablers (NEs) in a Kubernetes cluster is different from a standard deployment.
- Deploying Cloud Native CAMEL Gateway
  When deploying CAMEL Gateway as part of the reference architecture, you can use any namespace within the Kubernetes clusters. You can make multiple deployments into multiple namespaces, for example, to have different environments for testing and production.
- Enabling MEF Publishing
  An SSH key, used for password-less SSH login, is required to enable _glossary/mef.html publishing in Kubernetes. A secret holds the SSH private key, and the key is specified in Helm values. The SSH key allows administrators to write to a target directory in a secure manner without having to enter a passphrase.
- Encrypted Interface Engine Replay Overview
  Transport-layer security (TLS) encryption can be enabled for replay between processing and publishing pods and between engines.
- MATRIXX Reference for MongoDB
  Cloud native MATRIXX deployments support MongoDB as an event store using the MongoDB Enterprise Operator for Kubernetes.
- MATRIXX Reference for Apache Kafka
  The Event Streaming Framework provides a connector for sending event stream data to Apache Kafka. Using 5G event streaming also requires Apache Kafka, which is not provided with MATRIXX. You can use a Helm chart to install and configure Apache Kafka.
- MATRIXX Reference for Ingress
  A Kubernetes Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster.
- Debugging and Failure Recovery
  MATRIXX components store log files in persistent storage on the node by default, in a persistent volume (PV) at the location specified in global.storage.localStorageDir property (/home/data by default).
- Upgrading Engine Operator-Based MATRIXX Installations
  Upgrading cloud native MATRIXX has several stages.
- Migrating to Topology Operator
  This example shows migration from a MATRIXX version XXXX deployment managed by Engine Operator to a deployment managed by Topology Operator. The same approach applies when migrating from Engine Controller.
- Migration from a Bare Metal to a Cloud Native Deployment
  Migrating from a bare metal MATRIXX deployment to a cloud native deployment (from the same MATRIXX version) requires temporarily using a hybrid platform made up of components from both deployments. This hybrid environment allows migration to the cloud native deployment without disruption of services.
- The Admin Service
  Operations teams can use the Admin Service to administer a MATRIXX deployment with domain-specific commands based on the components that are installed. It allows administration of the installation without providing unrestricted direct access to the Kubernetes cluster. You can secure commands based on user roles and audit command usage.
- Uninstall MATRIXX Engine with Helm
  Use the helm uninstall command to uninstall MATRIXX Engine components installed from the Helm chart.
- Appendixes
MATRIXX Configuration
MATRIXX Security
MATRIXX Integration
MATRIXX Diameter Integration
MATRIXX Call Control Framework Integration
MATRIXX TM Forum Integration
MATRIXX 5G Integration
MATRIXX 5G Event Streaming
MATRIXX Event Streaming
MATRIXX Administration
MATRIXX Web App Administration
MATRIXX Monitoring and Logging
MATRIXX Policy
MATRIXX Kafka CDR Consumer
MATRIXX Pricing and Rating
MATRIXX Pay Now
MATRIXX Subscriber Management
MATRIXX Subscriber Management API
MATRIXX Business API SDK
My MATRIXX Help
MATRIXX Backoffice Customer Tool Help
MATRIXX Third-Party Licenses
Glossary

Service Accounts

Service accounts are created by default by the MATRIXX Helm chart, assuming the associated components have been enabled. These service accounts are required as the related components interact with the Kubernetes API.

Required Service Accounts lists the required service accounts. For information about configuring service accounts, see the discussion about services and service account configuration.

Table 1. Required Service Accounts
Service Account	Component	Description
engine	MATRIXX Engine	Allows the Engine Controller/Manager to create, query, update and delete Kubernetes resources, such as StatefulSets and services.
activemq	ActiveMQ Gateway	Allows the ActiveMQ Gateway pod to query other pods to dynamically build a network of brokers.
pricing-operator	Pricing Controller and Pricing Loader	Allows the Pricing Controller to query MATRIXX Engine pods and create the Pricing Loader job. It also enables the Pricing Loader pod to run scripts on a MATRIXX Engine pod.
delete-old-transaction-logs`accessGroupID`	Delete Old Transactions cron job	Allows the job to run scripts on the MATRIXX Engine pods.
matrixx-fluentbit-sa-`releaseName`	FluentBit Logging	Allows the component to get additional environment information to augment the logs.
initialize_event_repository-`releaseName`	Initialize Event Repository job	Allows the job to run scripts on the MATRIXX Engine pods.

These service accounts are created for running Helm hooks that are executed during upgrade, rollback, and other Helm operations. These service accounts interact with the Kubernetes API through queries and creating jobs:

releaseNamespace-releaseName-hook-runner
releaseNamespace-releaseName-pre-rollback
releaseNamespace-releaseName-pre-upgrade

Note: releaseNamespace is the namespace to which the Helm chart is being installed, and releaseName is the name used when installing the chart (typically, ag1 is used by default). accessGroupID is the name of the access group being deployed, which is ag1 by default.