Versions Compared

Old Version 16

changes.mady.by.user Ashhad Alam

Saved on

compared with

New Version 17

changes.mady.by.user Ashhad Alam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Rancher is an an open-source multi-cluster orchestration platform that makes it easy for you to deploy and manage an application on Kubernetes cluster.

Adeptia packages Rancher and Rancher Kubernetes Engine (RKE2) along with Adeptia Connect application and other components in Ansible Playbook. You need to download, extract,and run this package that deploys Playbook to deploy the followings in the same order.

  • RKE2 – Rancher Kubernetes Engine to set up Kubernetes environment.

  • Rancher UI – UI to centrally manage a multi-cluster Kubernetes environment.

  • Longhorn – To implement distributed block storage for Kubernetes.

  • Prometheus including Grafana – To centrally monitor the system and its execution environment holistically, for example, CPU usage.

  • Elasticsearch, Fluentd, and Kibana (EFK) For centralized loggingTo view the logs for each microservice.

  • Kubernetes Event Driven Autoscaler (KEDA) For pods Framework that can be used for horizontal pod autoscaling.

  • Adeptia Connect application

This page discusses the followings:

Table of Contents
minLevel1
maxLevel4

Anchor
Prerequisites
Prerequisites
Prerequisites and configurations for Playbook execution

Before you begin to run Ansible Playbook, ensure that you have,

  • At least three Linux VMs (to be used as master nodes) with internet access, each with the following minimum configuration:

    • RAM – 32 GB

    • Processor cores – 8

    • Hard disk – 250 GB

  • One Jumpbox with internet access and SSH connectivity with the above 3 Linux VM machinesLinux nodes to download, extract, and run the Playbook.

  • Ansible 2.12 (or higher) installed on Jumpbox.
    You can install Ansible on Ubuntu OS by running the following commandset of commands in the same order:

    Code Block
    languagepowershell
    $ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt install ansible 2.12.10

Where,

The first command adds the Ansible repository and the second one installs Ansible 2.12.10.

  • Load Balancer on the top of 3 Linux VM nodes.

  • Administrative privileges on Jumpbox and each Linux VM node.

  • SSH Private private key in PEM (Privacy Enhanced Mail) format for communication between the VMs.

...

  • The following inbound ports opened on the Load Balancer and 3 Linux VMthe nodes:

    • 9345 - required for RKE2 nodes clustering

    • 6443 - required for Kubernetes API

  • DNS domain for accessing Rancher UI.

  • DNS domain for accessing Adeptia Connect portal.

Once you have met the prerequisites, update the following files containing the details of VMs, DNS, SSH connectivity, and other configuration details required for Adeptia Connect installation. These files are available in Ansible Playbook package that you have downloaded and extracted on the Jumpbox.

  • inventory file – Defines the hosts (or group of hosts) on which the Playbook runs.

  • general-config.yaml - Contains the configuration variables to run the Playbook for Adeptia Connect installation.

  • vault-config.yaml - Contains sensitive information, such as passwords, required to validate and run the Playbook.

Steps to update inventory file

  1. Open the inventory file.

  2. Add the domain name or IP address of the three VMs server nodes and RKE2 agent (if you have any) under the [servers] group ] and [agents] groups respectively as shown in the example code snippet below.

...

Code Block
languagepowershell
# rke2 cluster master/server nodes #
[servers]
xxx.xx.xx.xx
xxx.xx.xx.xx
xxx.xx.xx.xx

# rke2 cluster worker/agent nodes #
[agents]
xxx.xx.xx.xx

[k8s:children]
servers
agents

[servers:vars]
rke2_type=“server”

[agents:vars]
rke2_type=“agent”

[all:vars]
ansible_user={{ ssh_user }}
ansible_ssh_private_key_file={{ ssh_key_path }}

You can also add the domain name or IP address of an RKE2 agent under the [agents] group if you have one.

Info

RKE2 agent (or worker) will be deployed on these nodes.

Steps to update general-config.yaml

...

Property

Description

ssh_key_path

Name of the SSH private key (pemPEM) file, for example abc.pem.

rancher_lb_domain

Domain name of Rancherfor Rancher.

Using this domain, you can access the Rancher UI and RKE2.

app_lb_domain

Domain name of for Adeptia Connect application.

Using this domain, you can access the followings:

  • Adeptia Connect Portal

  • Adeptia Connect API Gateway (for REST and SOAP API calls)

  • Kibana dashboard

  • Grafana dashboard

rke2_token

Secret token for node registration.

execute_static_job

AC Adeptia Connect installation mode.

Set the value for this property to true for fresh installation and false in case you are upgrading from a lower AC v4.x environment.

ac_ha_mode

Enable/Disable High Availability (HA) mode.

Possible values are:

  • true

  • false

When set to true, the application is deployed in HA mode with all microservice (except for the Listener, License, ….. ) running at least two replicas.

backend_db_type

Backend database type.

Possible values are:

  • MySQL

  • SQL-Server

  • Oracle

backend_db_url

Value for Azure SQL Database

  • jdbc:sqlserver://<DB Hostname>:<Port Number>;database=<Backend Database Name>

Value for Oracle Database

  • jdbc:oracle:thin:@<hostName>:<portNumber>:<S ID/ServiceName>

Value for Azure MySQL Database

  • jdbc:mysql://<hostName>:<portNumber>/<DBName>?useSSL=true

log_db_type

Log database type.

Possible values are:

  • MySQL

  • SQL-Server

  • Oracle

log_db_url

Value for Azure SQL Database

jdbc:sqlserver://<DB Hostname>:<Port Number>;database=<Log Database Name>

Value for Oracle Database

jdbc:oracle:thin:@<hostName>:<portNumber>:<S ID/ServiceName>

Value for Azure MySQL Database

jdbc:mysql://<hostName>:<portNumber>/<DBName>?useSSL=true

tlsCrt

TLS signed certificate in base64 encoding (for Ingress)

tlsKey

TLS private key of certificate in base64 encoding (for ingress)

Steps to update vault-config.yaml

...

Property

Value

vault_ansible_sudo_pass

<User <User defined password for Jumpbox>

The same password is used for accessing the three nodes.

Jumpbox>

vault_rancher_gui_password

<User defined password for rancher GUI>

vault_rke2_token

<User defined RKE2 token>

vault_backend_db_username

<User defined Backend DB username>

vault_backend_db_password

<User defined Backend DB password>

vault_log_db_username

<User defined Log DB username>

vault_log_db_password

<User defined Log DB password>

...

You can encrypt the sensitive information specified in the vault-config.yaml file by using Ansible Vault.

To encrypt the file, navigate to the /vars folder, and then run the following command:

Code Block
languagepowershell

$ ansible-vault encrypt vault-config.yaml

You will be prompted to provide and confirm a password for the file. Once you have confirmed the password, a message “Encryption successful” confirming the encryption will be displayed.

To decrypt the file, navigate to the /vars folder, and then run the following command:

...

Executing the Ansible Playbook

After you have met all the prerequisites and configured the inventory, general-config.yaml, and vault-config.yaml files, you are ready to You can run the Ansible Playbook by executing the adeptia-connect.sh shell file (with appropriate arguments) after you have fulfilled all the prerequisites. Here are the steps to run the adeptia-connect.sh file in default mode by following which all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect get installed.

...

You can use the tag argument while running the command to execute the shell file to install for installing different components as per your requirement. For example, if you want to install all the components except for the Adeptia Connect application, run the following command:

Code Block
$ sudo ./adeptia-connect.sh --tag=install-basic
Tip

To run use multiple tags, provide comma separated values as shown below:

$ sudo ./adeptia-connect.sh --tag=install-basic,install-ac

Following table contains the the list describing of some tags that you can useand their description:

Tag

Description

--tag=install-all

Installs all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect in one go.

Info

This is the default tag considered by the system when you do not use any tag while executing the adeptia-connect.sh file.

--tag=install-basic

Installs all the components (RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA) except for the Adeptia Connect application.

--tag=install-ac

Installs Adeptia Connect application only.

--tag=install-rke2

Installs RKE2 (server/agent) only.

--tag=install-prometheus

Installs Prometheus (including Grafana) only

--tag=install-efk

Installs EFK only.

...

Here are the steps to uninstall all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect.

  1. Log in to the Jumpbox.

  2. Run the following command to set Read/Write permission on the SSH private key file (PEM):

    Code Block
    $ chmod 0600 <pem file>

  3. Run the following command to set executable permission on the adeptia-connect.sh shell file:

    Code Block
    $ chmod +x adeptia-connect.sh

  4. Run the following command to execute the shell file, adeptia-connect.sh, available in the Ansible Playbook:

    Code Block
    $ sudo ./adeptia-connect.sh --tag=uninstall-all

...

Code Block
$ ./adeptia-connect.sh --tag=uninstall-ac
Tip

To run use multiple tags, provide comma separated values as shown below:

$ sudo ./adeptia-connect.sh --tag=uninstall-basic,uninstall-ac

Panel
bgColor#FFFAE6

Important!

If you are using encrypted vault-config.yaml file, you need to pass the argument --ask-vault-pass while executing the shell file (during install or uninstall) as shown in the example below:

$ sudo ./adeptia-connect.sh --ask-vault-pass

...