Preparing for creating Universal Broker deployments

Prerequisites for creating deployments

Before creating deployments, ensure you have met the prerequisites.

Prepare hosts for installation of Universal Broker

Snyk recommends configuring at least two separate instances of the Broker Client for each integration, either on different hosts or installed using a Kubernetes system. This ensures that you always have at least two instances running for redundancy.

Configure your network for using Universal Broker

If you use a proxy server, ensure you configure it and any firewalls to allow the Broker Client inbound and outbound access as follows.

Establish the outbound connection on port 443 from the Broker Client running in your environment to the URLs for your region:

https://broker.snyk.io https://broker.us.snyk.io https://broker.eu.snyk.io OR https://broker.au.snyk.io AND https://api.snyk.io https://app.us.snyk.io/ https://api.eu.snyk.io OR https://api.au.snyk.io

Establish an internal connection that allows inbound access from the integration (SCM, CR) to the Broker Client at the BROKER_CLIENT_URL on the port you have configured (typically 8000). This is not inbound from the internet.

Traffic initiated from the Snyk Broker server side always uses the latest available Broker connection. All activity from the Snyk side, such as traffic driven by recurring tests, appears on only one of your replicas at a time. The amount of Snyk activity is proportional to the activity in the repositories or Jira items. That activity generates webhooks, which are distributed across all replicas

Use the Universal Broker snyk-broker-config CLI tool to configure and manage connections, integrations, and all Universal Broker resources.

Using a previous installation

If you have not previously installed the Universal Broker, refer to the Prerequisites for Universal Broker and Basic steps to install and configure Universal Broker.

Be sure to set your environment variables to make usage easier, including when you are installing the snyk-broker-config CLI tool. Use the following commands:

- export SNYK_TOKEN=xxxx (Linux/Mac)

- export TENANT_ID=yyyy (Linux/Mac)

- set SNYK_TOKEN=xxxx (Wiindows)

- setTENANT_ID=yyyy (Windows)

If the Universal Broker has already been installed, set the Install ID as an environment variable for easier usage. Use the following commands:

- export INSTALL_ID=zzzz (Linux/Mac)

- set INSTALL_ID=zzzz (Windows)