Nexeed
    • Introduction
    • Station UI
      • Introduction
      • Getting started
      • Configuration
      • Dashboard
      • Utility Bar
        • Scanner
        • Notification Center
      • Operations
        • Packing
        • Discard
        • Complete
        • Shortage
        • Unpacking
    • Web UI
      • Label management
        • Create a label
        • Design a label
      • Packaging process
        • Create a packaging process
      • Packaging sequence main page
      • Packaging sequence
      • Packaging station main page
      • Packaging station UI
      • Packaging unit main page
      • Packaging unit
    • Legacy
      • Introduction to the Packaging Control web application
      • Starting the application
      • Login
      • Set up Packaging Control
      • Packing
        • Packaging form
        • Cancellation wizard
      • Process-specific dialogs
        • Ending the process (reject)
        • Starting the repacking process
        • Weight validation
      • Configuration menu
      • Filter options
    • Operations manual
      • Overview
      • System architecture and interfaces
        • Deployment view
        • Architecture
      • System requirements
        • Paco/helm-chart
        • Paco/paco-service
        • Paco/paco-database
        • PackagingControl_<version>_client.mespkg
        • Paco/core-service
        • Paco/core-web-service
        • Paco/printing-service
      • Migration from previous versions
        • Migration from MES to IAS
        • Migration of database
        • Resources mapping from MES to IAS
        • Migration changes from MES to IAS
        • Migration guides from MES to IAS
        • IAS version upgrades
        • Database update with database job
        • Migration job
      • Setup and configuration
        • Helm configuration
        • Database install from scratch
        • Configuration of Packaging Control
        • Configuration of logging
        • Configuration of related service endpoints
        • Configuration of legacy API redirect
        • Configuration of the home tenant ID
        • Configuration of observability
        • Type data
        • Manager and provider modules
        • Timeout configuration
        • Printing
        • Function modules
        • Sub-function modules
        • Client configuration
        • Global functionality
        • Packing unit details
        • Multi-installation deployment
        • Click-once client installation
        • Core service
        • Core web service
        • Printing service
        • Permissions and roles
      • Start and shutdown
        • Startup dependencies
        • Shutdown
      • Regular operations
      • Failure handling
        • Error codes
        • Warning codes
      • Backup and Restore
      • Logging and monitoring
      • Known limitations
        • Multitenancy capability
        • On premise
        • Database support
        • Client non-web login mechanism
    • API documentation
      • Core Service
        • Core service internal HTTP API
        • Core service restricted public HTTP API
      • Legacy Service
        • Paco service internal HTTP API
        • Paco service restricted public HTTP API
      • Printing Service
        • Printing service internal HTTP API
    • Glossary
Packaging Control
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator

Nexeed Learning Portal
  • Packaging Control
  • Operations manual
  • System requirements
  • Paco/helm-chart

Paco/helm-chart

Default configuration

Security context

The securityContext section for the service deployments and jobs should be configured the following way in values.yaml:

deployments:
	<ServiceName>:
	[...]
	securityContext:
	  runAsNonRoot: true
	  allowPrivilegeEscalation: false
	[...]
jobs:
	<JobName>:
	[...]
	securityContext:
	  runAsNonRoot: true
	  allowPrivilegeEscalation: false
	[...]

Multi instances

For the zero downtime requirement, multiple instances (replicas) should be configured and deployed (replicaCount >= 2). Affected deployments: paco-service, core-service, core-web-service.

deployments:
	<ServiceName>:
	[...]
	replicaCount: 2
	[...]

Ingress routing

Each service should be configured with an ingress resource to route the traffic through a common ingress controller. For annotation reusability, a common set of nginx ingress annotations should be configured. Affected deployments: paco-service, core-service, core-web-service, printing-service.

Common nginx ingress annotations should be configured in values.yaml:

  nginxCommonAnnotations: &nginxCommonAnnotations
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
    nginx.ingress.kubernetes.io/proxy-next-upstream: "error timeout invalid_header http_500 http_502 http_503 http_504"
    nginx.ingress.kubernetes.io/proxy-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-body-size: 25m
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"

Ingress configuration for each service should be configured in values.yaml:

deployments:
	<ServiceName>:
	  [...]
      ports:
        - name: http
          protocol: TCP
          value: 2501
          expose:
            service:
              type: ClusterIP
              port: 80
            ingresses:
              - annotations:
                  <<: *nginxCommonAnnotations
                  nginx.ingress.kubernetes.io/rewrite-target: /$1$2
                name: <name of the ingress resource>
                path: '/{{ dig .Chart.Name "contextPath" "" .Values.global.modules }}/(production-api|master-data-api|reporting-api|configuration-api|core-legacy-api|authentication-api|swagger|health|ping|messaging)(/.*|$)'

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses