Versions Compared

Old Version 17

changes.mady.by.user Ashhad Alam

Saved on

compared with

New Version 18

changes.mady.by.user Ashhad Alam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Rancher is an an open-source multi-cluster orchestration platform that makes it easy for you to deploy and manage an application on Kubernetes cluster.

...

  • RKE2 – Rancher Kubernetes Engine to set up Kubernetes environment.

  • Rancher UI – UI to centrally manage a multi-cluster Kubernetes environment.

  • Longhorn – To implement distributed block storage for Kubernetes.

  • Prometheus including Grafana – To monitor the system and its execution environment holistically, for example, CPU usage.

  • Elasticsearch, Fluentd, and Kibana (EFK) – To view the logs for each microservice.

  • Kubernetes Event Driven Autoscaler (KEDA) – Framework that can be used for horizontal pod autoscaling.

  • Adeptia Connect application

...

  • At least three Linux VMs (to be used as master/server nodes) with internet access, each with the following minimum configuration:

    • RAM – 32 GB

    • Processor cores – 8

    • Hard disk – 250 GB

  • One Jumpbox with internet access and SSH connectivity with the Linux nodes to download, extract, and run the Playbook.

  • Ansible 2.12 (or higher) installed on Jumpbox.
    You can install Ansible on Ubuntu OS by running the following set of commands in the same order:

    Code Block
    languagepowershell
    $ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt install ansible 2.12.10

...

Info

You can use the PEM file with or without passphrase protection.

  • CA/self signed certificates

  • The following inbound ports opened on the Load Balancer and the nodes:

    • 9345 - required for RKE2 nodes clustering

    • 6443 - required for Kubernetes API

  • DNS domain load balancer for accessing Rancher UI.

  • DNS domain for accessing Adeptia Connect portal.

...

Info

RKE2 server (or master) will be deployed on these nodes. For HA, 3 VMs. [agents] groups re

Code Block
languagepowershell
# rke2 cluster master/server nodes #
[servers]
xxx.xx.xx.xx
xxx.xx.xx.xx
xxx.xx.xx.xx

# rke2 cluster worker/agent nodes #
[agents]
xxx.xx.xx.xx


To be deleted....
[k8s:children]
servers
agents

[servers:vars]
rke2_type=“server”

[agents:vars]
rke2_type=“agent”

[all:vars]
ansible_user={{ ssh_user }}
ansible_ssh_private_key_file={{ ssh_key_path }}

...

  1. Navigate to /vars in the Ansible Playbook extracted folder.

  2. Open the general-config.yaml file.

  3. Update the following properties.

Property

Description Give sample values

ssh_key_path

Name of the SSH private key (PEM) file, for example abc.pem.

rancher_lb_domain

Domain name for Rancher.

Using this domain, you can access the Rancher UI and RKE2.

app_lb_domain

Domain name for Adeptia Connect application.

Using this domain, you can access the followings:

  • Adeptia Connect Portal

  • Adeptia Connect API Gateway (for REST and SOAP API calls)

  • Kibana dashboard

  • Grafana dashboard

rke2_token

Secret token for node registration. Provide the value for this field in vault.

execute_static_job

Adeptia Connect installation mode.

Set the value for this property to true for fresh installation and false in case you are upgrading from a lower AC v4.x environment.

ac_ha_mode

Enable/Disable High Availability (HA) mode. Default false

Possible values are:

  • true

  • false

When set to true, the application is deployed in HA mode with all microservice (except for the Listener, License, ….. ) running at least two replicas.

Autoscaling wiiol be enabled by default. may aoutoscale to upto 3 replicas

backend_db_type

Backend database type.

Possible values are:

  • MySQL

  • SQL-Server

  • Oracle

backend_db_url

Value for Azure SQL Database

  • jdbc:sqlserver://<DB Hostname>:<Port Number>;database=<Backend Database Name>

Value for Oracle Database

  • jdbc:oracle:thin:@<hostName>:<portNumber>:<S ID<SID/ServiceName>

Value for Azure MySQL Database

  • jdbc:mysql://<hostName>:<portNumber>/<DBName>?useSSL=true

log_db_type

Log database type.

Possible values are:

  • MySQL

  • SQL-Server

  • Oracle

log_db_url

Value for Azure SQL Database

jdbc:sqlserver://<DB Hostname>:<Port Number>;database=<Log Database Name>

Value for Oracle Database

jdbc:oracle:thin:@<hostName>:<portNumber>:<S ID<SID/ServiceName>

Value for Azure MySQL Database

jdbc:mysql://<hostName>:<portNumber>/<DBName>?useSSL=true

tlsCrt

TLS signed certificate in base64 encoding (for Ingress)

tlsKey

TLS private key of certificate in base64 encoding (for ingress)

Steps to update vault-config.yaml

  1. Navigate to /vars in the Ansible Playbook extracted folder.

  2. Open the vault-config.yaml file.

  3. Provide the sensitive information, such as RKE2 token, in the respective properties.

PropertyValue

Description Default values,

vault_ansible_sudo_pass

<User User defined password for Jumpbox>Jumpbox

vault_rancher_gui_password

<User User defined password for rancher GUI>GUI

vault_rke2_token

<User defined RKE2 token>

vault_backend_db_username

<User defined Backend DB username>

vault_backend_db_password

<User defined Backend DB password>

vault_log_db_username

<User defined Log DB username>

vault_log_db_password

<User defined Log DB password>

Encrypting/Decrypting vault-config.yaml

Optional, when you want to use it. You can encrypt the sensitive information specified in the vault-config.yaml file by using Ansible Vault.

...

You will be prompted to provide and confirm a password for the file. Once you have confirmed the password, a message “Encryption successful” confirming the encryption will be displayed.

Make them distinguishable

View To decrypt the file, navigate to the /vars folder, and then run the following command:

...

You can run the Ansible Playbook by executing the adeptia-connect.sh shell file (with appropriate arguments) after you have fulfilled all the prerequisites. Here are the steps to run the adeptia-connect.sh file in default mode by following which all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect get installed.

  1. Log in to the Jumpbox.

  2. Run the following command to set Read/Write permission on the SSH private key file (PEM):

    Code Block
    $ chmod 0600 <pem file>

  3. Run the following command to set executable permission on the adeptia-connect.sh shell file:

    Code Block
    $ chmod +x adeptia-connect.sh

  4. Run the following command to execute the shell file, adeptia-connect.sh, available in the Ansible Playbook:

    Code Block
    $ sudo ./adeptia-connect.sh

...

Following table contains the the list of some tags and their description:

If same cluster but different namespaces for different env

Tag

Description

--tag=install-all

Installs all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect in one go.

Info

This is the default tag considered by the system when you do not use any tag while executing the adeptia-connect.sh file.

--tag=install-basic

Installs all the components (RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA) except for the Adeptia Connect application. recommended

--tag=install-ac

Installs Adeptia Connect application only.

--tag=install-rke2

Installs RKE2 (server/agent) only.

--tag=install-prometheus

Installs Prometheus (including Grafana) only

--tag=install-efk

Installs EFK only.

Uninstalling the Ansible Playbook

Here are the steps to uninstall all the components including RKE2, Rancher, Longhorn, Prometheus, EFK, KEDA, and Adeptia Connect.

  1. Log in to the Jumpbox.

  2. Run the following command to set Read/Write permission on the SSH private key file (PEM):

    Code Block
    $ chmod 0600 <pem file>

  3. Run the following command to set executable permission on the adeptia-connect.sh shell file:

    Code Block
    $ chmod +x adeptia-connect.sh

  4. Run the following command to execute the shell file, adeptia-connect.sh, available in the Ansible Playbook:

    Code Block
    $ sudo ./adeptia-connect.sh --tag=uninstall-all

This uninstalls all the components. If you want to install different components based on your requirement, you can use the tag argument while executing the shell file. For example, if you want to uninstall Adeptia Connect application only, run the following command:

Code Block
$ sudo ./adeptia-connect.sh --tag=uninstall-ac
Tip

To use multiple tags, provide comma separated values as shown below:

$ sudo ./adeptia-connect.sh --tag=uninstall-basic,uninstall-ac

Panel
bgColor#FFFAE6

Important!

place this in install as well

If you are using encrypted vault-config.yaml file, you need to pass the argument --ask-vault-pass while executing the shell file (during install or uninstall) as shown in the example below:

$ sudo ./adeptia-connect.sh --ask-vault-pass

...