Document Properties
Kbid29726P
Last Modified16-Dec-2020
Added to KB07-Dec-2020
Public AccessEveryone
StatusOnline
Doc TypeReferences
Product
  • ICM 7.10
  • Intershop CaaS

Reference - CaaS - Mandatory Prerequisites

1 Introduction

This document is addressed to customers and partners and provides information on prerequisites for setting up the CaaS system.

Please address these topics to the respective departments and bring as much information as possible to the kick-off meeting. When the setup phase - consisting of discovery phase, base setup phase and connect & test phase - has started, we need IT experts from the customer present until all questions are clarified. This helps to expedite the setup process.

1.1 References

2 Mandatory Prerequisites

There are indispensable information that must be provided in advance and are essential for the initial setup of the CaaS system in the base setup phase.

The following table shows prerequisites for setting up environments and related responsibilities.

Info

All information should be provided after the kick-off with Intershop and will be documented in a Confluence page in the provided customer space. Please do not sent this information in advance per email.
Question to Partner and Customer

Access to:

  • Storefront and backoffice (ICM, IOM)
  • Back end systems (e.g. ERP, PIM, etc.)

Provide all parties' public IPs (including ports) that should be whitelisted during the project phase to gain access to storefront and back office, as well as back end systems.

Intershop (OPS)

CUSTOMER

PARTNER (DEV)

PWA

  • Ports 22, 80, 443
    • (warning) 195.110.61.246 (Jena)
    • (warning) 195.110.61.200 (Monitoring)
  • Ports 80, 443
    •  (question) TBD (location/usage like London office or ERP service)
  • Ports 22, 80, 443
    •  (question) TBD (location/service name like Berlin office or VPN gateway)
  •  (question) TBD by Intershop after setup

(question) to be provided

(warning) to do

(tick) done (whitelisted)

(error) more information required (source (web or application server?), protocol, port, etc.)

Questions to Partner
Jenkins

Define the authentication provider:

We want to increase the security in regards to accessing the CaaS system (somebody left the project, but access will not be removed) and want to reduce the effort on both sides when setting up user access (single user account). Because of this we strongly recommend to use a Microsoft account to log in. This is mandatory for Azure DevOps and we want to use this for authentication on Jenkins too.

Provide list of users with name, e-mail and public SSH key to access:

  • CI/CD service (Azure DevOps), if necessary/relevant
  • Jenkins (to run jobs like deployment)
  • INT Environment (access developer environment via SSH connection)
Questions to Customer
VPN and private IP address range

Do we need to establish a VPN connection to connect any back end services from the customer? Or will access be provided via public internet?

See also CaaS FAQ - How to set up a VPN? (if necessary)

If the answer is yes:

  • Will a VPN be used to connect the back end services?
  • Will a VPN be used by customer employees to connect to Intershop services?

VPN is an additional optional service which can be provided by Intershop.

To set up a VPN, it is necessary to agree on used private IP ranges to prevent network address conflicts.

Default private IP ranges in Intershop ICM CaaS system are as follows:

Standard

IP range (default)Purpose

10.0.0.0/25

shared services
10.1.1.0/25ICM INT
10.1.2.0/25ICM UAT
10.1.3.0/25ICM PRD

Alternative A

IP range (default)Purpose
172.16.0.0/25shared services
172.21.1.0/25ICM INT
172.21.2.0/25ICM UAT
172.21.3.0/25ICM PRD

Alternative B

IP range (default)Purpose

192.168.0.0/25

Shared services
192.168.1.0/25ICM INT
192.168.2.0/25ICM UAT
192.168.3.0/25ICM PRD
Domains

Define the domains of the webshop for all environments. See Domain Examples below.

SSL Certificates

Provide SSL certificates for the above domains (dedicated, SAN or a Wildcard Certificate), also see Reference - CaaS FAQ | What are the Requirements for DNS and SSL/TLS Certificates?

JenkinsIf development is also done by the customer, answer the "Jenkins" questions in the "Partner" section above as well.
Mail Service

Provide an SMTP service or an endpoint to which Intershop relays customer emails (e.g. order confirmation mails), see Mail Service - Necessary Information below.

Is the mail service already available? If not, when will it be? 

Please note, that Intershop provides no mail service. However it is required to have one.

See Reference - CaaS FAQ | How to Configure the Mail Service of ICM?

2.1 Domain Examples

The following table shows domain information including example domains. These must be defined by the customer. See CaaS FAQ - Requirements for DNS and SSL/TLS Certificates.

Best practice example (mydomain.com will be replaced by the customers domain):

EnvironmentClusterDomain Name
(to be configured by the customer to point to "CNAME")
PRDliveshop.mydomain.com
editshop-edit.mydomain.com
UATliveshop-uat-live.mydomain.com
editshop-uat-edit.mydomain.com
INTliveshop-int-live.mydomain.com
editshop-int-edit.mydomain.com

2.2 Mail Service - Necessary Information

The following information must be defined by the customer and is required to connect to a 3rd party mail provider like a Microsoft 365 (Exchange) account. Of course one account can be offered for all environments.

ParameterPRDUATINT
AppSvr1
  • Live: TBD
  • Edit: TBD
  • Live: TBD
  • Edit: TBD
  • Live: TBD
  • Edit: TBD
URL

TBD

TBDTBD
Port

TBD

TBDTBD
User

TBD

TBDTBD
Password

provide via one-time link like https://onetimesecret.com/ 

Outgoing public IP of app servers for ICM clusters (live and edit)

Empty fields (TBD) must be defined/provided.

Disclaimer

The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.

Customer Support
Knowledge Base
Product Resources
Tickets