Skip to content
This repository has been archived by the owner on Apr 17, 2024. It is now read-only.

Commit

Permalink
docs: add isntructions for installing KDCC on demo (#47)
Browse files Browse the repository at this point in the history
  • Loading branch information
zalsader authored Oct 5, 2023
1 parent 14f3cf2 commit 8d277e2
Show file tree
Hide file tree
Showing 2 changed files with 158 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docs/.vitepress/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,10 @@ export default withMermaid(
text: '1st Impl Attempt',
link: '/engineering/demo/impl-notes-take-1',
},
{
text: 'Installing KDCC',
link: '/engineering/demo/installing-kdcc.md',
},
],
},
{
Expand Down
154 changes: 154 additions & 0 deletions docs/engineering/demo/installing-kdcc.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,154 @@
---
title: Installing Koor Data Control Center
---

# Installing Koor Data Control Center

This document contains the steps necessary to install Koor Data Control Center on the demo envireonment.

## Install Cert-Manager and Let's Encrypt Issuers

This allows creating a TLS certificate for the cluster

1. Add the Helm repository

```bash
helm repo add jetstack https://charts.jetstack.io
helm repo update
```

2. Install `cert-manager`

```bash
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.13.1 \
--set installCRDs=true
```

3. Add Let's Encypt issuers

```bash
kubectl apply -f issuers.yaml
```

::: code-group
```yaml [issuers.yaml]
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-prod
namespace: koor-ceph
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: admin@koor.tech
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-prod
# Enable the HTTP-01 challenge provider
solvers:
- http01:
ingress:
ingressClassName: nginx
```
:::
References:
1. https://cert-manager.io/docs/installation/helm/
2. https://cert-manager.io/docs/tutorials/getting-started-with-cert-manager-on-google-kubernetes-engine-using-lets-encrypt-for-ingress-ssl/
## Install Nginx Ingress and a Load Balancer
1. Create a Load Balancer in Hetzner. Choose the network of the cluster.
Remove all targets and services since they will be added automatically.
Name your load balancer `demolb`

2. Install ingress-nginx using the helm chart

```bash
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm -n ingress-nginx install ingress-nginx ingress-nginx/ingress-nginx --create-namespace -f nginx-values.yaml
```

::: code-group
```yaml [nginx-values.yaml]
controller:
config:
entries:
use-forwarded-headers: "true"
compute-full-forwarded-for: "true"
use-proxy-protocol: "true"
service:
annotations:
# This is the name of the load balancer just created
load-balancer.hetzner.cloud/name: "demolb"
```
:::

References:
1. https://community.hetzner.com/tutorials/howto-k8s-authentication-with-load-balancer
2. https://kubernetes.github.io/ingress-nginx/deploy/#ovhcloud

## Install Koor Data Control Center and Enable Ingress
Finally we are ready to install KDCC using [the helm chart](https://github.com/koor-tech/data-control-center/tree/main/charts/data-control-center).

```bash
helm repo add data-control-center https://koor-tech.github.io/data-control-center
helm repo update
helm install --create-namespace --namespace rook-ceph data-control-center data-control-center/data-control-center -f values.yaml
```

::: code-group
```yaml [values.yaml]
ingress:
enabled: true
# -- Ingress class name
className: "nginx"
annotations:
cert-manager.io/issuer: letsencrypt-prod
hosts:
- host: demo.koor.tech
paths:
- path: /
pathType: Prefix
tls:
- secretName: data-control-center-tls
hosts:
- demo.koor.tech
config:
users:
- username: admin
password: "<SomeStrongPassword>"
```
:::

## Create a DNS entry for the demo system

Add the following to the `infra` repository

```js
A("k8s-lb", "<Load balancer IPv4>"),
AAAA("k8s-lb", "<Load balancer IPv6>"),
CNAME("demo", "k8s-lb"),
```

## Validate that the system is running

```console
$ kubectl get -n koor-ceph pods
NAME READY STATUS RESTARTS AGE
...
data-control-center-6784c9b8b4-dtwx4 1/1 Running 0 141m
data-control-center-fcgdx 0/1 Completed 0 141m
...
$ kubectl get -n koor-ceph ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
data-control-center nginx demo.koor.tech <Load balancer IPv4>,192.168.0.x,<Load balancer IPv46> 80, 443 12h
```

0 comments on commit 8d277e2

Please sign in to comment.