SlideShare ist ein Scribd-Unternehmen logo

Component pack 6006 install guide

Roberto Boccadoro
Roberto Boccadoro

Installation guide for IBM Connections Component Pack 6.0.0.6

Software
1 von 11
Downloaden Sie, um offline zu lesen
Component Pack 6.0.0.6 Installation Guide Martti Garden – IBM Roberto Boccadoro – ELD Engineering
Note:this document details atest installation. For productioninstallations refer to the Knowledge Base We will installonthree servers: ComponentPackMaster:soc.yourserver.com ComponentPackGenericWorkerOM+Customizer:soc1.yourserver.com ComponentPackES WorkerElasticsearch:soc2.yourserver.com The Connectionsserveriscon.yourserver.com Preparing the system: openfirewall portoneachmachine firewall-cmd --zone=public --add-port=6443/tcp --permanent firewall-cmd --zone=public --add-port=10250/tcp --permanent firewall-cmd --zone=public --add-port=10251/tcp --permanent firewall-cmd --zone=public --add-port=10252/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --zone=public --add-port=5000/tcp --permanent firewall-cmd --zone=public --add-port=30001/tcp --permanent firewall-cmd --zone=public --add-port=30099/tcp --permanent firewall-cmd --zone=public --add-port=31100/tcp --permanent firewall-cmd --zone=public --add-port=32721/tcp --permanent firewall-cmd --zone=public --add-port=32200/tcp --permanent firewall-cmd --zone=public --add-port=27017/tcp --permanent firewall-cmd --zone=public --add-port=30484/tcp --permanent firewall-cmd --zone=public --add-port=32333/tcp --permanent firewall-cmd –reload
Installing pre-requisites Installing Docker17.03. (on each server) yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum-config-manager --disable docker* yum-config-manager --enable docker-ce-stable yum install -y --setopt=obsoletes=0 docker-ce-17.03* yum makecache fast sudo systemctl start docker sudo systemctl enable docker.service yum-config-manager --disable docker* ConfigureDockerwith the devicemapperstoragedriver(loop-lvm)(on each server) sudo systemctl stop docker vi /etc/docker/daemon.json add: { "storage-driver": "devicemapper" } save & exit sudo systemctl start docker CheckDevice Mapperisrunningby: docker info Disable swaponeachserver swapoff -a vi /etc/fstab commentoutfollowingline: /dev/mapper/cl-swap swap swap defaults 0 0 save and exit if changeswere made infstabrun the following command: mount -a Installkubeadm, kubelet, and kubectl(on each server) vi /etc/yum.repos.d/kubernetes.repo add
[kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg save and close The setenforce 0command disablesSELinuxtoallow containerstoaccessthe hostfile system(requiredby podnetworks,forexample). setenforce 0 yum install -y kubelet-1.11.1* kubeadm-1.11.1* kubectl-1.11.1* systemctl enable kubelet && systemctl start kubelet Ensure that the packagesdo not upgrade toa laterversionbyrunningthe followingcommandtodisable the kubernetesyumrepo: yum-config-manager --disable kubernetes* #Some userson RHEL/CentOS7 have reportedissueswithtrafficbeingroutedincorrectlydue toiptables beingbypassed.To avoidthisproblem, runthe followingcommandstoensure thatnet.bridge.bridge-nf- call-iptablesissetto1 in yoursysctl config: vi /etc/sysctl.d/k8s.conf add net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 save and close sysctl –system Initializing Master(on Master) UsingCalicoas pod networkaddon kubeadm init --kubernetes-version=v1.11.1 --pod-network- cidr=192.168.0.0/16 ATTENTION:Copyout kubeadmjoincommand - will be neededlater! (kubeadmjoinIP_ADDR:6443--tokeneuh9gv.a3hjyafpplr88t8q --discovery-token-ca-cert-hash sha256:4ea5cda8d56a8907644965e6bc8a4e41ebb4028eaa9c8bb5c92357003fab6f71) mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Install apod networkadd-on(here Calico)sothatyour podscan communicate witheachother. kubectl apply -f https://docs.projectcalico.org/v3.1/getting- started/kubernetes/installation/hosted/rbac-kdd.yaml kubectl apply -f https://docs.projectcalico.org/v3.1/getting- started/kubernetes/installation/hosted/kubernetes-datastore/calico- networking/1.7/calico.yaml Join Workers(on WorkerNodes) Run the commandyou copiedonbothWorkers kubeadm join IP_ADDR:6443 --token euh9gv.a3hjyafpplr88t8q --discovery- token-ca-cert-hash sha256:4ea5cda8d56a8907644965e6bc8a4e41ebb4028eaa9c8bb5c92357003fab6f71 checksuccesson masterwith: kubectl get nodes copy the Master configurationtothe Workernodes mkdir-p$HOME/.kube scp root@IP_ADDR:$HOME/.kube/config$HOME/.kube sudochown$(id -u):$(id -g) $HOME/.kube/config InstallHelm (on Master) wget https://storage.googleapis.com/kubernetes-helm/helm-v2.11.0-linux- amd64.tar.gz tar -zxvf helm-v2.11.0-linux-amd64.tar.gz sudo mv linux-amd64/helm /usr/local/bin/helm helm init kubectl create clusterrolebinding add-on-cluster-admin -- clusterrole=cluster-admin --serviceaccount=kube-system:default sudo rm -f helm-v2.11.0-linux-amd64.tar.gz Testenvironment(everypodshouldbe running): kubectl get pods -n kube-system CreateConnectionsNamespace(on Master) kubectl create namespace connections InstallDockerRegistry (on Master) Create directories: mkdir /docker-registry mkdir /docker-registry/{auth,certs,registry} Create passwordfile:
docker run --entrypoint htpasswd registry:2 -Bbn admin mypassword > /docker-registry/auth/htpasswd Create self signedcerts: openssl req -newkey rsa:4096 -nodes -sha256 -keyout key.pem -x509 -days 3650 -out cert.pem Copycert and keyto dockerdirectory: cp key.pem cert.pem /docker-registry/certs Create directoriesonall machinesincluster: mkdir /etc/docker/certs.d mkdir /etc/docker/certs.d/soc.yourserver.com:5000/ Copycert to dockerdir: cp cert.pem /etc/docker/certs.d/soc.yourserver.com:5000/ca.crt SCPthe cert fromthe dockerregistrymachine toall othermachinesinthe kubernetescluster: scp cert.pem soc1.yourserver.com:/etc/docker/certs.d/soc.yourserver.com:5000/ca.crt scp cert.pem soc2.yourserver.com:/etc/docker/certs.d/soc.yourserver.com:5000/ca.crt Create registry: docker run -d -p 5000:5000 --restart=always --name registry -v /docker- registry/auth:/auth -v /docker-registry/certs:/certs -v /docker- registry/registry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" -e "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/cert.pem" -e "REGISTRY_HTTP_TLS_KEY=/certs/key.pem" registry:2 Verify: docker login -u admin -p mypassword soc.yourserver.com:5000 create image pull secret kubectl create secret docker-registry myregkey -n connections --docker- server=soc.yourserver.com:5000 --docker-username=admin --docker- password=mypassword Createpersistantvolumes(on Master/NFS Server) Note:this is validfor PoCinstallationsand not for production.In production, it isbest practice to have the NFSshare on a storage serverthat is not part of the Kubernetescluster,but for a proof of concept, non-HA deployment,itisacceptable to host the NFSshare on your Kubernetesmaster. sudo mkdir -p /pv-connections/esdata-{0,1,2} sudo mkdir -p /pv-connections/esbackup sudo mkdir -p /pv-connections/customizations
sudo mkdir -p /pv-connections/mongo-node-{0,1,2}/data/db sudo mkdir -p /pv-connections/solr-data-solr-{0,1,2} sudo mkdir -p /pv-connections/zookeeper-data-zookeeper-{0,1,2} sudo chmod -R 777 /pv-connections unzip -p hybridcloud_20180925-031433.zip microservices_connections/hybridcloud/support/nfsSetup.sh > nfsSetup.sh unzip -p hybridcloud_20180925-031433.zip microservices_connections/hybridcloud/support/volumes.sh > volumes.sh If you needonlyafewcomponentschange the volumes.txtin extractedFolder/microservices_connections/hybridcloud/support cd /root/cp6006/microservices_connections/hybridcloud/support/ sudo bash nfsSetup.sh to checkcreatedsharesrun sudo cat /etc/exports Install persistentvolumesusingHelm helm install --name=connections-volumes /root/cp6006/microservices_connections/hybridcloud/helmbuilds/connections -persistent-storage-nfs-0.1.0.tgz --set nfs.server=IP_ADDR extractedFolder/microservices_connections/hybridcloud/helmbuilds/connecti ons-persistent---set solr.enabled=false,zk.enabled=false,mongo.enabled=false,customizer.en abled=false,nfs.server=IP_ADDR Labeling and tainting workernodesforElasticsearch (on Master) Get listof available nodes kubectl get nodes run commandwithnode name added kubectl label nodes soc2.yourserver.com type=infrastructure --overwrite kubectl taint nodes soc2.yourserver.com dedicated=infrastructure:NoSchedule –overwrite Pushing theimagesto theDockerregistry (on Master) cd /root/cp6006/microservices_connections/hybridcloud/support ./setupImages.sh -dr soc.yourserver.com:5000 -u admin -p mypassword -st customizer,elasticsearch,orientme Bootstrapping theKubernetescluster(on Master) BootstrappingaKubernetesclusterperformsthe followingtasks:vValidatesthe Kubernetesconfiguration / Createsthe requiredKubernetessecrets/Createsthe requiredIBMConnectionscertificates/Configures Redisforuse by the OrientMe component
/root/cp6006/microservices_connections/hybridcloud/helmbuilds/bootstrap- 0.1.0-20180924-133245.tgz --set image.repository="soc.yourserver.com:5000/connections",env.set_ic_admin_u ser=wasadmin,env.set_ic_admin_password=YOUR_PASSWORD,env.set_ic_internal= con.yourserver.com,env.set_master_ip=IP_ADDR,env.set_elasticsearch_ca_pas sword=mypassword,env.set_elasticsearch_key_password=mypassword,env.set_re dis_secret=mypassword,env.set_search_secret=mypassword,env.set_solr_secre t=mypassword Checksuccess(Shouldshow"Complete") kubectl get pods -n connections -a | grep bootstrap RestartCommonand NewsapplicationonConnectionsServer
Installing the Component Pack Installing theComponentPack'sconnections-env(on master) helm install --name=connections-env /root/cp6006/microservices_connections/hybridcloud/helmbuilds/connections -env-0.1.40-20180919-173326.tgz --set createSecret=false,ic.host=con.yourserver.com,ic.internal=con.yourserver. com verifywith(shouldshowdeployed): helm list Installing theComponentPack'sinfrastructure(on master) helm install --name=infrastructure /root/cp6006/microservices_connections/hybridcloud/helmbuilds/infrastruct ure-0.1.0-20180925-030258.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions,mongodb.createSecret=false,appregistry- service.deploymentType=hybrid_cloud verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theComponentPack'sOrientMe(on master) helm install --name=orientme /root/cp6006/microservices_connections/hybridcloud/helmbuilds/orientme- 0.1.0-20180925-030334.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions,orient-web-client.service.nodePort=30001,itm- services.service.nodePort=31100,mail- service.service.nodePort=32721,community- suggestions.service.nodePort=32200 verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theComponentPack'sElasticSearch (on master) helm install --name=elasticsearch /root/cp6006/microservices_connections/hybridcloud/helmbuilds/elasticsear ch-0.1.0-20180921-115419.tgz --set image.repository=soc.yourserver.com:5000/connections,nodeAffinityRequired =true verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up):
kubectl get pods -n connections Installing theComponentPack'sCustomizer(on master) helm install --name=mw-proxy /root/cp6006/microservices_connections/hybridcloud/helmbuilds/mw-proxy- 0.1.0-20180924-103122.tgz --set image.repository=soc.yourserver.com:5000/connections,deploymentType=hybri d_cloud verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theDasboardsforformonitoring and logging (on master) mkdir /opt/kubernetes-dashboard create keys openssl req -nodes -new -x509 -keyout /opt/kubernetes- dashboard/dashboard.key -out /opt/kubernetes-dashboard/dashboard.crt - subj "/CN=dashboard" kubectl create secret generic kubernetes-dashboard-certs --from- file=/opt/kubernetes-dashboard -n kube-system kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/ recommended/kubernetes-dashboard.yaml kubectl apply -f /root/cp6006/microservices_connections/hybridcloud/support/dashboard- admin.yaml kubectl patch svc kubernetes-dashboard -n kube-system -p '{"spec":{"type": "NodePort"}}' kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/grafana.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/heapster.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/influxdb.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/rbac/heapster-rbac.yaml nohup kubectl proxy --address=159.8.241.236 -p 443 --accept-hosts='^*$' &
Verifywith http://IP_ADDR:443/api/v1/namespaces/kube- system/services/https:kubernetes-dashboard:/proxy/ Installing theComponentPack'sSanity Dashboard (on master) helm install --name=sanity /root/cp6006/microservices_connections/hybridcloud/helmbuilds/sanity- 0.1.8-20180924-121014.tgz --set image.repository=soc.yourserver.com:5000/connections Get the applicationURLby runningthese commands: export NODE_PORT=$(kubectl get --namespace connections -o jsonpath="{.spec.ports[0].nodePort}" services sanity) export NODE_IP=$(kubectl get nodes --namespace connections -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT helm install --name=sanity-watcher /root/cp6006/microservices_connections/hybridcloud/helmbuilds/sanity- watcher-0.1.0-20180830-052154.tgz --set image.repository=soc.yourserver.com:5000/connections Installing theComponentPack'sElasticStack (on master) helm install --name=elasticstack /root/cp6006/microservices_connections/hybridcloud/helmbuilds/elasticstac k-0.1.0-20180925-030346.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions Accessingthe KibanaDashboard Opena browserandnavigate to https://soc.yourserver.com:32333 FirstTime Setup: Enter ‘comppackk8s-*’asthe index name orpatternand click‘Create’

Empfohlen

Docker practice
Docker practiceDocker practice
Docker practicewonyong hwang
 
Docker security
Docker securityDocker security
Docker securityJanos Suto
 
Hyperledger composer
Hyperledger composerHyperledger composer
Hyperledger composerwonyong hwang
 
DeveloperWeek 2015: A Practical Introduction to Docker
DeveloperWeek 2015: A Practical Introduction to DockerDeveloperWeek 2015: A Practical Introduction to Docker
DeveloperWeek 2015: A Practical Introduction to DockerSteve Smith
 
ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions ERP System Implementation Kubernetes Cluster with Sticky Sessions
ERP System Implementation Kubernetes Cluster with Sticky Sessions Chanaka Lasantha
 
kubernetes practice
kubernetes practicekubernetes practice
kubernetes practicewonyong hwang
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
 
Network Manual
Network ManualNetwork Manual
Network ManualJason Myers
 

Weitere ähnliche Inhalte

Was ist angesagt?

Fedora Atomic Workshop handout for Fudcon Pune 2015
Fedora Atomic Workshop handout for Fudcon Pune 2015Fedora Atomic Workshop handout for Fudcon Pune 2015
Fedora Atomic Workshop handout for Fudcon Pune 2015rranjithrajaram
 
High Availability Server with DRBD in linux
High Availability Server with DRBD in linuxHigh Availability Server with DRBD in linux
High Availability Server with DRBD in linuxAli Rachman
 
青云CoreOS虚拟机部署kubernetes
青云CoreOS虚拟机部署kubernetes 青云CoreOS虚拟机部署kubernetes
青云CoreOS虚拟机部署kubernetes Zhichao Liang
 
Tested install-isp config3-ubuntu-16-04
Tested install-isp config3-ubuntu-16-04Tested install-isp config3-ubuntu-16-04
Tested install-isp config3-ubuntu-16-04SANTIAGO HERNÁNDEZ
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_trainingvideos
 
Introduction to JumpStart
Introduction to JumpStartIntroduction to JumpStart
Introduction to JumpStartScott McDermott
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Ben Hall
 
Rhce syllabus | Red Hat Linux Training: IPSR Solutions
Rhce syllabus | Red Hat Linux Training: IPSR SolutionsRhce syllabus | Red Hat Linux Training: IPSR Solutions
Rhce syllabus | Red Hat Linux Training: IPSR SolutionsIPSRAptitudetraining
 
ByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedredhat9
 
3. configuring a compute node for nfv
3. configuring a compute node for nfv3. configuring a compute node for nfv
3. configuring a compute node for nfvvideos
 
On-Demand Image Resizing
On-Demand Image ResizingOn-Demand Image Resizing
On-Demand Image ResizingJonathan Lee
 
Open stack pike-devstack-tutorial
Open stack pike-devstack-tutorialOpen stack pike-devstack-tutorial
Open stack pike-devstack-tutorialEueung Mulyana
 
Deep dive in Docker Overlay Networks
Deep dive in Docker Overlay NetworksDeep dive in Docker Overlay Networks
Deep dive in Docker Overlay NetworksLaurent Bernaille
 
Docker remote-api
Docker remote-apiDocker remote-api
Docker remote-apiEric Ahn
 
How to create a secured cloudera cluster
How to create a secured cloudera clusterHow to create a secured cloudera cluster
How to create a secured cloudera clusterTiago Simões
 

Was ist angesagt? (20)

Fedora Atomic Workshop handout for Fudcon Pune 2015
Fedora Atomic Workshop handout for Fudcon Pune 2015Fedora Atomic Workshop handout for Fudcon Pune 2015
Fedora Atomic Workshop handout for Fudcon Pune 2015
 
High Availability Server with DRBD in linux
High Availability Server with DRBD in linuxHigh Availability Server with DRBD in linux
High Availability Server with DRBD in linux
 
Freeradius edir
Freeradius edirFreeradius edir
Freeradius edir
 
RHCE Training
RHCE TrainingRHCE Training
RHCE Training
 
青云CoreOS虚拟机部署kubernetes
青云CoreOS虚拟机部署kubernetes 青云CoreOS虚拟机部署kubernetes
青云CoreOS虚拟机部署kubernetes
 
Tested install-isp config3-ubuntu-16-04
Tested install-isp config3-ubuntu-16-04Tested install-isp config3-ubuntu-16-04
Tested install-isp config3-ubuntu-16-04
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training
 
Introduction to JumpStart
Introduction to JumpStartIntroduction to JumpStart
Introduction to JumpStart
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)
 
Rhce syllabus | Red Hat Linux Training: IPSR Solutions
Rhce syllabus | Red Hat Linux Training: IPSR SolutionsRhce syllabus | Red Hat Linux Training: IPSR Solutions
Rhce syllabus | Red Hat Linux Training: IPSR Solutions
 
ByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalived
 
Unix executable buffer overflow
Unix executable buffer overflowUnix executable buffer overflow
Unix executable buffer overflow
 
3. configuring a compute node for nfv
3. configuring a compute node for nfv3. configuring a compute node for nfv
3. configuring a compute node for nfv
 
On-Demand Image Resizing
On-Demand Image ResizingOn-Demand Image Resizing
On-Demand Image Resizing
 
Open stack pike-devstack-tutorial
Open stack pike-devstack-tutorialOpen stack pike-devstack-tutorial
Open stack pike-devstack-tutorial
 
Deep dive in Docker Overlay Networks
Deep dive in Docker Overlay NetworksDeep dive in Docker Overlay Networks
Deep dive in Docker Overlay Networks
 
Docker remote-api
Docker remote-apiDocker remote-api
Docker remote-api
 
Lab docker
Lab dockerLab docker
Lab docker
 
How to create a secured cloudera cluster
How to create a secured cloudera clusterHow to create a secured cloudera cluster
How to create a secured cloudera cluster
 
Habilitar repositorio EPEL RHEL
Habilitar repositorio EPEL RHELHabilitar repositorio EPEL RHEL
Habilitar repositorio EPEL RHEL
 

Ähnlich wie Component pack 6006 install guide

Vagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptopVagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptopLorin Hochstein
 
Real World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionReal World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionBen Hall
 
k8s practice 2023.pptx
k8s practice 2023.pptxk8s practice 2023.pptx
k8s practice 2023.pptxwonyong hwang
 
Docker container management
Docker container managementDocker container management
Docker container managementKarol Kreft
 
Things I've learned working with Docker Support
Things I've learned working with Docker SupportThings I've learned working with Docker Support
Things I've learned working with Docker SupportSujay Pillai
 
Exploring the Future of Helm
Exploring the Future of HelmExploring the Future of Helm
Exploring the Future of HelmMatthew Farina
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
DCEU 18: Tips and Tricks of the Docker Captains
DCEU 18: Tips and Tricks of the Docker CaptainsDCEU 18: Tips and Tricks of the Docker Captains
DCEU 18: Tips and Tricks of the Docker CaptainsDocker, Inc.
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slidesDocker, Inc.
 
Continuous delivery with docker
Continuous delivery with dockerContinuous delivery with docker
Continuous delivery with dockerJohan Janssen
 
Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Soshi Nemoto
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptxJayakumarS71
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6LetsConnect
 
Introction to docker swarm
Introction to docker swarmIntroction to docker swarm
Introction to docker swarmHsi-Kai Wang
 
Bpug mcollective 20140624
Bpug mcollective 20140624Bpug mcollective 20140624
Bpug mcollective 20140624Johan De Wit
 
Powervc upgrade from_1.3.0.2_to_1.3.2.0
Powervc upgrade from_1.3.0.2_to_1.3.2.0Powervc upgrade from_1.3.0.2_to_1.3.2.0
Powervc upgrade from_1.3.0.2_to_1.3.2.0Gobinath Panchavarnam
 

Ähnlich wie Component pack 6006 install guide (20)

Vagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptopVagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptop
 
Real World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionReal World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and Production
 
k8s practice 2023.pptx
k8s practice 2023.pptxk8s practice 2023.pptx
k8s practice 2023.pptx
 
Docker container management
Docker container managementDocker container management
Docker container management
 
Things I've learned working with Docker Support
Things I've learned working with Docker SupportThings I've learned working with Docker Support
Things I've learned working with Docker Support
 
Cloud RPI4 tomcat ARM64
Cloud RPI4 tomcat ARM64Cloud RPI4 tomcat ARM64
Cloud RPI4 tomcat ARM64
 
Helm @ Orchestructure
Helm @ OrchestructureHelm @ Orchestructure
Helm @ Orchestructure
 
Exploring the Future of Helm
Exploring the Future of HelmExploring the Future of Helm
Exploring the Future of Helm
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作
 
DCEU 18: Tips and Tricks of the Docker Captains
DCEU 18: Tips and Tricks of the Docker CaptainsDCEU 18: Tips and Tricks of the Docker Captains
DCEU 18: Tips and Tricks of the Docker Captains
 
Snort-IPS-Tutorial
Snort-IPS-TutorialSnort-IPS-Tutorial
Snort-IPS-Tutorial
 
Simple docker hosting in FIWARE Lab
Simple docker hosting in FIWARE LabSimple docker hosting in FIWARE Lab
Simple docker hosting in FIWARE Lab
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
Continuous delivery with docker
Continuous delivery with dockerContinuous delivery with docker
Continuous delivery with docker
 
Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptx
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6
 
Introction to docker swarm
Introction to docker swarmIntroction to docker swarm
Introction to docker swarm
 
Bpug mcollective 20140624
Bpug mcollective 20140624Bpug mcollective 20140624
Bpug mcollective 20140624
 
Powervc upgrade from_1.3.0.2_to_1.3.2.0
Powervc upgrade from_1.3.0.2_to_1.3.2.0Powervc upgrade from_1.3.0.2_to_1.3.2.0
Powervc upgrade from_1.3.0.2_to_1.3.2.0
 

Mehr von Roberto Boccadoro

Step by step installation domino on docker
Step by step installation domino on dockerStep by step installation domino on docker
Step by step installation domino on dockerRoberto Boccadoro
 
Hitchhiker's guide to troubleshooting Connections Think2018
Hitchhiker's guide to troubleshooting Connections Think2018Hitchhiker's guide to troubleshooting Connections Think2018
Hitchhiker's guide to troubleshooting Connections Think2018Roberto Boccadoro
 
Socconx12 integrating ibm connections docs 2 and box
Socconx12 integrating ibm connections docs 2 and boxSocconx12 integrating ibm connections docs 2 and box
Socconx12 integrating ibm connections docs 2 and boxRoberto Boccadoro
 
Installing community surveys in connections 5.5
Installing community surveys in connections 5.5Installing community surveys in connections 5.5
Installing community surveys in connections 5.5Roberto Boccadoro
 
Ibm connections docs 2 install guide
Ibm connections docs 2 install guideIbm connections docs 2 install guide
Ibm connections docs 2 install guideRoberto Boccadoro
 
Installing ibm docs on a single server
Installing ibm docs on a single serverInstalling ibm docs on a single server
Installing ibm docs on a single serverRoberto Boccadoro
 
Update to IBM Connections 5 CR1 step by-step guide
Update to IBM Connections 5 CR1 step by-step guideUpdate to IBM Connections 5 CR1 step by-step guide
Update to IBM Connections 5 CR1 step by-step guideRoberto Boccadoro
 

Mehr von Roberto Boccadoro (10)

Hcl digital experience
Hcl digital experienceHcl digital experience
Hcl digital experience
 
Step by step installation domino on docker
Step by step installation domino on dockerStep by step installation domino on docker
Step by step installation domino on docker
 
Hitchhiker's guide to troubleshooting Connections Think2018
Hitchhiker's guide to troubleshooting Connections Think2018Hitchhiker's guide to troubleshooting Connections Think2018
Hitchhiker's guide to troubleshooting Connections Think2018
 
Socconx12 integrating ibm connections docs 2 and box
Socconx12 integrating ibm connections docs 2 and boxSocconx12 integrating ibm connections docs 2 and box
Socconx12 integrating ibm connections docs 2 and box
 
Eld access management
Eld access managementEld access management
Eld access management
 
Eld psw-ppt-170626111319
Eld psw-ppt-170626111319Eld psw-ppt-170626111319
Eld psw-ppt-170626111319
 
Installing community surveys in connections 5.5
Installing community surveys in connections 5.5Installing community surveys in connections 5.5
Installing community surveys in connections 5.5
 
Ibm connections docs 2 install guide
Ibm connections docs 2 install guideIbm connections docs 2 install guide
Ibm connections docs 2 install guide
 
Installing ibm docs on a single server
Installing ibm docs on a single serverInstalling ibm docs on a single server
Installing ibm docs on a single server
 
Update to IBM Connections 5 CR1 step by-step guide
Update to IBM Connections 5 CR1 step by-step guideUpdate to IBM Connections 5 CR1 step by-step guide
Update to IBM Connections 5 CR1 step by-step guide
 

Kürzlich hochgeladen

2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdfAndrey Devyatkin
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...kalichargn70th171
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfkalichargn70th171
 
Advantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxAdvantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxRTS corp
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapIshara Amarasekera
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldRoberto Pérez Alcolea
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolsosttopstonverter
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfmaor17
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxAS Design & AST.
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxSasikiranMarri
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesVictoriaMetrics
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jNeo4j
 

Kürzlich hochgeladen (20)

2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
 
Advantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxAdvantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptx
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery Roadmap
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository world
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdf
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptx
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 Updates
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
 

Component pack 6006 install guide

  • 1. Component Pack 6.0.0.6 Installation Guide Martti Garden – IBM Roberto Boccadoro – ELD Engineering
  • 2. Note:this document details atest installation. For productioninstallations refer to the Knowledge Base We will installonthree servers: ComponentPackMaster:soc.yourserver.com ComponentPackGenericWorkerOM+Customizer:soc1.yourserver.com ComponentPackES WorkerElasticsearch:soc2.yourserver.com The Connectionsserveriscon.yourserver.com Preparing the system: openfirewall portoneachmachine firewall-cmd --zone=public --add-port=6443/tcp --permanent firewall-cmd --zone=public --add-port=10250/tcp --permanent firewall-cmd --zone=public --add-port=10251/tcp --permanent firewall-cmd --zone=public --add-port=10252/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --zone=public --add-port=5000/tcp --permanent firewall-cmd --zone=public --add-port=30001/tcp --permanent firewall-cmd --zone=public --add-port=30099/tcp --permanent firewall-cmd --zone=public --add-port=31100/tcp --permanent firewall-cmd --zone=public --add-port=32721/tcp --permanent firewall-cmd --zone=public --add-port=32200/tcp --permanent firewall-cmd --zone=public --add-port=27017/tcp --permanent firewall-cmd --zone=public --add-port=30484/tcp --permanent firewall-cmd --zone=public --add-port=32333/tcp --permanent firewall-cmd –reload
  • 3. Installing pre-requisites Installing Docker17.03. (on each server) yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum-config-manager --disable docker* yum-config-manager --enable docker-ce-stable yum install -y --setopt=obsoletes=0 docker-ce-17.03* yum makecache fast sudo systemctl start docker sudo systemctl enable docker.service yum-config-manager --disable docker* ConfigureDockerwith the devicemapperstoragedriver(loop-lvm)(on each server) sudo systemctl stop docker vi /etc/docker/daemon.json add: { "storage-driver": "devicemapper" } save & exit sudo systemctl start docker CheckDevice Mapperisrunningby: docker info Disable swaponeachserver swapoff -a vi /etc/fstab commentoutfollowingline: /dev/mapper/cl-swap swap swap defaults 0 0 save and exit if changeswere made infstabrun the following command: mount -a Installkubeadm, kubelet, and kubectl(on each server) vi /etc/yum.repos.d/kubernetes.repo add
  • 4. [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg save and close The setenforce 0command disablesSELinuxtoallow containerstoaccessthe hostfile system(requiredby podnetworks,forexample). setenforce 0 yum install -y kubelet-1.11.1* kubeadm-1.11.1* kubectl-1.11.1* systemctl enable kubelet && systemctl start kubelet Ensure that the packagesdo not upgrade toa laterversionbyrunningthe followingcommandtodisable the kubernetesyumrepo: yum-config-manager --disable kubernetes* #Some userson RHEL/CentOS7 have reportedissueswithtrafficbeingroutedincorrectlydue toiptables beingbypassed.To avoidthisproblem, runthe followingcommandstoensure thatnet.bridge.bridge-nf- call-iptablesissetto1 in yoursysctl config: vi /etc/sysctl.d/k8s.conf add net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 save and close sysctl –system Initializing Master(on Master) UsingCalicoas pod networkaddon kubeadm init --kubernetes-version=v1.11.1 --pod-network- cidr=192.168.0.0/16 ATTENTION:Copyout kubeadmjoincommand - will be neededlater! (kubeadmjoinIP_ADDR:6443--tokeneuh9gv.a3hjyafpplr88t8q --discovery-token-ca-cert-hash sha256:4ea5cda8d56a8907644965e6bc8a4e41ebb4028eaa9c8bb5c92357003fab6f71) mkdir -p $HOME/.kube
  • 5. sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Install apod networkadd-on(here Calico)sothatyour podscan communicate witheachother. kubectl apply -f https://docs.projectcalico.org/v3.1/getting- started/kubernetes/installation/hosted/rbac-kdd.yaml kubectl apply -f https://docs.projectcalico.org/v3.1/getting- started/kubernetes/installation/hosted/kubernetes-datastore/calico- networking/1.7/calico.yaml Join Workers(on WorkerNodes) Run the commandyou copiedonbothWorkers kubeadm join IP_ADDR:6443 --token euh9gv.a3hjyafpplr88t8q --discovery- token-ca-cert-hash sha256:4ea5cda8d56a8907644965e6bc8a4e41ebb4028eaa9c8bb5c92357003fab6f71 checksuccesson masterwith: kubectl get nodes copy the Master configurationtothe Workernodes mkdir-p$HOME/.kube scp root@IP_ADDR:$HOME/.kube/config$HOME/.kube sudochown$(id -u):$(id -g) $HOME/.kube/config InstallHelm (on Master) wget https://storage.googleapis.com/kubernetes-helm/helm-v2.11.0-linux- amd64.tar.gz tar -zxvf helm-v2.11.0-linux-amd64.tar.gz sudo mv linux-amd64/helm /usr/local/bin/helm helm init kubectl create clusterrolebinding add-on-cluster-admin -- clusterrole=cluster-admin --serviceaccount=kube-system:default sudo rm -f helm-v2.11.0-linux-amd64.tar.gz Testenvironment(everypodshouldbe running): kubectl get pods -n kube-system CreateConnectionsNamespace(on Master) kubectl create namespace connections InstallDockerRegistry (on Master) Create directories: mkdir /docker-registry mkdir /docker-registry/{auth,certs,registry} Create passwordfile:
  • 6. docker run --entrypoint htpasswd registry:2 -Bbn admin mypassword > /docker-registry/auth/htpasswd Create self signedcerts: openssl req -newkey rsa:4096 -nodes -sha256 -keyout key.pem -x509 -days 3650 -out cert.pem Copycert and keyto dockerdirectory: cp key.pem cert.pem /docker-registry/certs Create directoriesonall machinesincluster: mkdir /etc/docker/certs.d mkdir /etc/docker/certs.d/soc.yourserver.com:5000/ Copycert to dockerdir: cp cert.pem /etc/docker/certs.d/soc.yourserver.com:5000/ca.crt SCPthe cert fromthe dockerregistrymachine toall othermachinesinthe kubernetescluster: scp cert.pem soc1.yourserver.com:/etc/docker/certs.d/soc.yourserver.com:5000/ca.crt scp cert.pem soc2.yourserver.com:/etc/docker/certs.d/soc.yourserver.com:5000/ca.crt Create registry: docker run -d -p 5000:5000 --restart=always --name registry -v /docker- registry/auth:/auth -v /docker-registry/certs:/certs -v /docker- registry/registry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" -e "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/cert.pem" -e "REGISTRY_HTTP_TLS_KEY=/certs/key.pem" registry:2 Verify: docker login -u admin -p mypassword soc.yourserver.com:5000 create image pull secret kubectl create secret docker-registry myregkey -n connections --docker- server=soc.yourserver.com:5000 --docker-username=admin --docker- password=mypassword Createpersistantvolumes(on Master/NFS Server) Note:this is validfor PoCinstallationsand not for production.In production, it isbest practice to have the NFSshare on a storage serverthat is not part of the Kubernetescluster,but for a proof of concept, non-HA deployment,itisacceptable to host the NFSshare on your Kubernetesmaster. sudo mkdir -p /pv-connections/esdata-{0,1,2} sudo mkdir -p /pv-connections/esbackup sudo mkdir -p /pv-connections/customizations
  • 7. sudo mkdir -p /pv-connections/mongo-node-{0,1,2}/data/db sudo mkdir -p /pv-connections/solr-data-solr-{0,1,2} sudo mkdir -p /pv-connections/zookeeper-data-zookeeper-{0,1,2} sudo chmod -R 777 /pv-connections unzip -p hybridcloud_20180925-031433.zip microservices_connections/hybridcloud/support/nfsSetup.sh > nfsSetup.sh unzip -p hybridcloud_20180925-031433.zip microservices_connections/hybridcloud/support/volumes.sh > volumes.sh If you needonlyafewcomponentschange the volumes.txtin extractedFolder/microservices_connections/hybridcloud/support cd /root/cp6006/microservices_connections/hybridcloud/support/ sudo bash nfsSetup.sh to checkcreatedsharesrun sudo cat /etc/exports Install persistentvolumesusingHelm helm install --name=connections-volumes /root/cp6006/microservices_connections/hybridcloud/helmbuilds/connections -persistent-storage-nfs-0.1.0.tgz --set nfs.server=IP_ADDR extractedFolder/microservices_connections/hybridcloud/helmbuilds/connecti ons-persistent---set solr.enabled=false,zk.enabled=false,mongo.enabled=false,customizer.en abled=false,nfs.server=IP_ADDR Labeling and tainting workernodesforElasticsearch (on Master) Get listof available nodes kubectl get nodes run commandwithnode name added kubectl label nodes soc2.yourserver.com type=infrastructure --overwrite kubectl taint nodes soc2.yourserver.com dedicated=infrastructure:NoSchedule –overwrite Pushing theimagesto theDockerregistry (on Master) cd /root/cp6006/microservices_connections/hybridcloud/support ./setupImages.sh -dr soc.yourserver.com:5000 -u admin -p mypassword -st customizer,elasticsearch,orientme Bootstrapping theKubernetescluster(on Master) BootstrappingaKubernetesclusterperformsthe followingtasks:vValidatesthe Kubernetesconfiguration / Createsthe requiredKubernetessecrets/Createsthe requiredIBMConnectionscertificates/Configures Redisforuse by the OrientMe component
  • 9. Installing the Component Pack Installing theComponentPack'sconnections-env(on master) helm install --name=connections-env /root/cp6006/microservices_connections/hybridcloud/helmbuilds/connections -env-0.1.40-20180919-173326.tgz --set createSecret=false,ic.host=con.yourserver.com,ic.internal=con.yourserver. com verifywith(shouldshowdeployed): helm list Installing theComponentPack'sinfrastructure(on master) helm install --name=infrastructure /root/cp6006/microservices_connections/hybridcloud/helmbuilds/infrastruct ure-0.1.0-20180925-030258.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions,mongodb.createSecret=false,appregistry- service.deploymentType=hybrid_cloud verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theComponentPack'sOrientMe(on master) helm install --name=orientme /root/cp6006/microservices_connections/hybridcloud/helmbuilds/orientme- 0.1.0-20180925-030334.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions,orient-web-client.service.nodePort=30001,itm- services.service.nodePort=31100,mail- service.service.nodePort=32721,community- suggestions.service.nodePort=32200 verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theComponentPack'sElasticSearch (on master) helm install --name=elasticsearch /root/cp6006/microservices_connections/hybridcloud/helmbuilds/elasticsear ch-0.1.0-20180921-115419.tgz --set image.repository=soc.yourserver.com:5000/connections,nodeAffinityRequired =true verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up):
  • 10. kubectl get pods -n connections Installing theComponentPack'sCustomizer(on master) helm install --name=mw-proxy /root/cp6006/microservices_connections/hybridcloud/helmbuilds/mw-proxy- 0.1.0-20180924-103122.tgz --set image.repository=soc.yourserver.com:5000/connections,deploymentType=hybri d_cloud verifywith(shouldshowdeployed): helm list and (cantake upto 10 minutesforall podstocome up): kubectl get pods -n connections Installing theDasboardsforformonitoring and logging (on master) mkdir /opt/kubernetes-dashboard create keys openssl req -nodes -new -x509 -keyout /opt/kubernetes- dashboard/dashboard.key -out /opt/kubernetes-dashboard/dashboard.crt - subj "/CN=dashboard" kubectl create secret generic kubernetes-dashboard-certs --from- file=/opt/kubernetes-dashboard -n kube-system kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/ recommended/kubernetes-dashboard.yaml kubectl apply -f /root/cp6006/microservices_connections/hybridcloud/support/dashboard- admin.yaml kubectl patch svc kubernetes-dashboard -n kube-system -p '{"spec":{"type": "NodePort"}}' kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/grafana.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/heapster.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/influxdb/influxdb.yaml kubectl create -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube- config/rbac/heapster-rbac.yaml nohup kubectl proxy --address=159.8.241.236 -p 443 --accept-hosts='^*$' &
  • 11. Verifywith http://IP_ADDR:443/api/v1/namespaces/kube- system/services/https:kubernetes-dashboard:/proxy/ Installing theComponentPack'sSanity Dashboard (on master) helm install --name=sanity /root/cp6006/microservices_connections/hybridcloud/helmbuilds/sanity- 0.1.8-20180924-121014.tgz --set image.repository=soc.yourserver.com:5000/connections Get the applicationURLby runningthese commands: export NODE_PORT=$(kubectl get --namespace connections -o jsonpath="{.spec.ports[0].nodePort}" services sanity) export NODE_IP=$(kubectl get nodes --namespace connections -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT helm install --name=sanity-watcher /root/cp6006/microservices_connections/hybridcloud/helmbuilds/sanity- watcher-0.1.0-20180830-052154.tgz --set image.repository=soc.yourserver.com:5000/connections Installing theComponentPack'sElasticStack (on master) helm install --name=elasticstack /root/cp6006/microservices_connections/hybridcloud/helmbuilds/elasticstac k-0.1.0-20180925-030346.tgz --set global.onPrem=true,global.image.repository=soc.yourserver.com:5000/connec tions Accessingthe KibanaDashboard Opena browserandnavigate to https://soc.yourserver.com:32333 FirstTime Setup: Enter ‘comppackk8s-*’asthe index name orpatternand click‘Create’