Deploying HCL Commerce Version 9.1 on Kubernetes

Deploying HCL Commerce Version 9.1 on Kubernetes and operating it securely in a production environment requires comprehensive and careful planning, and security hardening considerations. To make it easier to deploy for non-production and testing environments, and to learn about how HCL Commerce consumes data from Vault, Helm charts are provided alongside HCL Commerce for deployment to a Kubernetes cluster. Once Vault is deployed and set up, you can deploy HCL Commerce Version 9.1 with different deployment topologies based on your site requirements.

Important: The environment that you create should not be used for a live production site without further consideration toward security hardening, load balancing, ingress routing, and performance tuning. To operate HCL Commerce Version 9.1 in a live production environment, you must commit further time and resources to both performance and security considerations.

With load balancing and ingress routing specifically, you can configure which services you want to expose externally, and restrict the remaining services within the cluster network. This configuration limits their access from and exposure to the wider Internet.

The following Helm charts are provided for deployment on Kubernetes:
  • hcl-commerce-vaultconsul-helmchart - the Vault-Consul Helm chart is used to deploy your development Vault. Vault is used as a remote configuration center for HCL Commerce Version 9.1, storing environment data, and acting as the certification agent to issue certificates to each HCL Commerce application server based on their unique service names.
  • hcl-commerce-helmchart - the HCL Commerce Version 9.1 Helm chart, used to deploy the various HCL Commerce applications, depending on your selected topology.

Before you begin

  • Review the differences between an authoring and live environment.
    Live
    A live environment includes the capabilities that are needed for a running HCL Commerce production site and serve end-user traffic.
    Authoring
    An authoring environment, commonly referred to as auth, includes extra capabilities beyond the capabilities of a live environment. In an authoring environment, site administrators or business users can make changes to your store and then test and preview the changes. Once confirmed to be correct, the changes can then be propagated to the live environment. The authoring environment also has workspaces enabled. This workspace feature allows business users fine-grained control over site changes before they are propagated to the live environment. For more information on the authoring environment, see Authoring environment.
  • Review the available HCL Commerce topologies. The main distinction in topologies depends on the search solution that is user.
    Elasticsearch-based search deployment
    • Commerce applications:
      • ts-app
      • ts-web
      • tooling-web
      • query
      • Optional: store-web
      • Optional: store
      • Optional: graphql
      • Optional: utils
      • Optional: xc
    • Data applications:
      • Commerce Elasticsearch-based search:
        • nifi
        • data-query
        • ingest
        • registry
      • Third-party:
        • elasticsearch
        • zookeeper
        • redis
    Solr-based search deployment
    • Commerce applications (auth environment):
      • ts-app
      • ts-web
      • tooling-web
      • search_master
      • redis (third-party)
      • Optional: store-web
      • Optional: store
      • Optional: graphql
      • Optional: utils
      • Optional: xc
      • Optional: cache-app
    • Commerce applications (live environment):
      • ts-app
      • ts-web
      • tooling-web
      • search_repeater
      • search_slave
      • redis (third-party)
      • Optional: store-web
      • Optional: store
      • Optional: graphql
      • Optional: utils
      • Optional: xc
      • Optional: cache-app

Procedure