The preparations described below are required to install using Helm charts and Docker images. Read through the steps below and follow each step before installing.
...
Add the helm repository
Code Block ##Export your AWS ACCESS and SECRET keys that you have received $ export AWS_ACCESS_KEY_ID=<your_aws_access_key_id> $ export AWS_SECRET_ACCESS_KEY=<your_aws_secret_access_key> $ export AWS_REGION=eu-west-1 $ helm repo add usage-engine-private-edition 's3https://digitalroute-public.github.io/usage-engine-private-edition' $ helm repo update
Note title Note! This installation will not be made on AWS. The helm repository is located at AWS and it will only be used to fetch helm charts from.
[hide] Line Brake [/hide]Check if the charts are available:
Code Block $ helm search repo -l usage-engine-private-edition/usage-engine-private-edition --version <chart version> Example: $ helm search repo -l usage-engine-private-edition/usage-engine-private-edition --version 2.0.0 #The output: NAME CHART VERSION APP VERSION DESCRIPTION usage-engine-private-edition/usage-engine-private-edition 2.0.0 The Usage Engine Private Edition helm chart
[hide] Line Brake [/hide]Create a directory dedicated for the installation and download the platform Helm chart.
Code Block $ mkdir <your directory> $ cd <your directory> $ helm fetch usage-engine-private-edition/usage-engine-private-edition --version <chart version> --untar
[hide] Line Brake [/hide]Make sure the Helm chart is defined for on-premise (Private cloud) by viewing the file: usage-engine-private-edition / values.yaml
Code Block $ cat usage-engine-private-edition/values.yaml | grep environment: # Only on-premise and aws supported for now environment: on-premise
[hide] Line Brake [/hide]If required, modify the Helm chart for the needed level of Access Control for Kubernetes Resources
Info title Access Control for Kubernetes Resources relies on Role Based Access Control (RBAC) when specifying the level of access needed for the kubernetes resources involved in any given installation.
Essentially, to make sure that the service account used has the right level of access in order for to function properly.
Some features do require cluster wide access to certain resources (typically resources that are not namespaced). This is realized by the use of ClusterRoles. If ClusterRoles are not permitted in the given kubernetes cluster for one reason or another, those features will have to be switched off.The following helm values can be used to switch off features relying on ClusterRoles, see the Helm chart for further details:
- mzonline.ecd.nodeHostSelectionEnabled
- mzOperator.rbacAuthProxy.enabled
...
Note | ||
---|---|---|
| ||
Ensure that there is no firewall rule that restricts access to the exposed ports to the cluster. See Installation[hide]2.2[/hide] for more information concerning ports. |
...
Note | ||
---|---|---|
| ||
In the case a Downgrade is needed later, you must define Persistent Storage. For information about Persistent Storage, see Persistent Storage[hide]2.2[/hide]. |