Kubernetes Unattended Initialization
Once pods are created in the deployment, admins must complete an initialization process to seed the system with relevant details. This can be done via a UI-based form or via the following approach using a YAML file with secrets.
YAML Structure
Running the installation from command line will involve creating a YAML file with the following basic structural outline:
apiVersion: v1 kind: Namespace metadata: name: pyramid --- apiVersion: v1 kind: Secret metadata: name: unattended-installation namespace: pyramid stringData: json: <jsonData>
The indented items are required to be indented with a double space.
JsonData
The JsonData snippet above (in red) is where all the details of the initialization are injected into the script. All fields in the JSON string are top level without any nesting.
Note:
- Fields marked with * are mandatory.
- The JSONData string should be a single line of text without line breaks.
Database Fields:
- createDB: if set to "on" the installer will create the database using the provided credentials
- repoType: set to “existing” to use an existing Pyramid repository database. Here the deployment will run the same as the source installation with the same users, just in your Kubernetes cluster.
- serverType* : the database server type, SqlServer or Postgresql.
- serverAddress* : the database server address - either IP or FQDN
- port* : the database server port number
- database* :the database name
- dbUser* :the user name for connecting the database
- dbPass* :the user's password
- firstUser* :the user name of the first Pyramid admin user.
- firstUserPass* : the password of the first Pyramid admin user (this can be changed later from inside the app)
- license: the text content of a Pyramid license file. Use this to seed the license key into the deployment directly. The license file can also be uploaded after installation.
- sslCert : The base64 text content of the SSL certificate (when connecting to the web app via HTTPS)
- sslSign : The base64 text content of the SSL signature
Storage Fields:
- storageType* : The preferred persistent file storage method: AWSS3, AzureBlob, PersistentVolume, FTP, SFTP, NFS
Based on the above setting the following subsequent settings are required:
FTP/SFTP/NFS
- storageHostName* : FTP server address
- storagePort* :FTP server port
- storageUserName* : FTP server username
- storagePassword* : FTP server password
- storageFolder* : Directory
AWS-S3
- regionId* : AWS Region Code. A full list can be found here.
- awsAccessKeyId* : AWS Access Key ID
- awsSecretAccessKey* : AWS Secret Access Key
- awsBucket* : AWS S3 bucket name
Azure blobs
- azureBlobAccountName* : Azure account name
- azureBlobAccountKey* : Azure account key
- azureContainer* : Azure container name
Examples
In the examples the JSON string is broken into multiple lines. It should be a single line of text without line breaks.
Base JSON:
{"repoType":"existing","serverType":"Postgresql","serverAddress":"dbServer","port":5432, "database":"k8s_cluster","dbUser":"postgres","dbPass":"1234"}
Final YAML:
apiVersion: v1 kind: Namespace metadata: name: pyramid --- apiVersion: v1 kind: Secret metadata: name: unattended-installation namespace: pyramid stringData: json: {"repoType":"existing","serverType":"Postgresql","serverAddress":"dbServer","port":5432, "database":"k8s_cluster","dbUser":"postgres","dbPass":"1234"}
Base JSON:
{"serverType":"Postgresql","serverAddress":"dbServer","port":5432,"database":"k8s_cluster", "dbUser":"postgres","dbPass":"1234","firstUser":"admin","firstUserPass":"1234","storageType":"AWSS3", "regionId":"eu-central-1", "awsAccessKeyId":"accessKey","awsSecretAccessKey":"secret","awsBucket":"myPyramidBucket"}
final yaml:
apiVersion: v1 kind: Namespace metadata: name: pyramid --- apiVersion: v1 kind: Secret metadata: name: unattended-installation namespace: pyramid stringData: json: {"serverType":"Postgresql","serverAddress":"dbServer","port":5432,"database":"k8s_cluster", "dbUser":"postgres","dbPass":"1234","firstUser":"admin","firstUserPass":"1234", "storageType":"AWSS3","regionId":"eu-central-1","awsAccessKeyId":"accessKey", "awsSecretAccessKey":"secret","awsBucket":"myPyramidBucket"}