Unattended Kubernetes Configuration (HELM)
The following configuration should be added to values.yaml to enable an unattended install.
Note: These fields are used in the values.yaml created when performing a deployment of Pyramid using HELM charts. For more information about the overall process, see Install Pyramid using HELM.
Fields and values
Docker Settings:
- repo* : The Docker registry to pull the images from.
- imagePullPolicy* : The policy to use when pulling images from the Docker registry. By default, this is "ifNotPresent", indicating that images should only be pulled if they are not already present locally.
Attendance:
- unattended* : Where applicable, the details for the unattended install.
- enabled* : Indicates whether the installation should run in the unattended mode or not:
- If "false", the installation will be "attended". In this case, there is no "installationData" block. Instead, the Installation UI opens for you to enter your installation settings.
- If "true", the installation will be "unattended". In this case, you also need to add the sibling "installationData" block for your installation settings (the database and storage settings that enable the unattended installation).
- installationData: The installationData block contains the database and storage fields required to perform an unattended installation. As shown in the following example, the installationData block is contained by the unattended block and is only used where the unattended installation is enabled.
- enabled* : Indicates whether the installation should run in the unattended mode or not:
Database Fields:
- createDB : If "on", the installer will create the database using the supplied credentials.
- installationType :
- If "existing", the database server should contain an existing (previously installed) Pyramid database.
- If "new", or any value apart from existing, a new Pyramid database schema will be created in the provided database. This is the default value.
- dbLocation:
- 0 - Native installation - self provided database server. This is the default value.
- 1 - AWS RDS.
- 2 - Azure Managed Database.
- 3 - GCP Cloud SQL.
- serverType* : The database server type, either SqlServer or Postgresql.
- serverAddress* : The database server address, either an IP address or FQDN.
- port* : The database server port number.
- database* : The database name.
- dbUser* : The user name for connecting the database.
- dbPass* : The user's password.
- enforceDbSsl : Specify "on" to enforce SSL over the database connection, or "off" otherwise. The default setting is off. This option is supported for PostgreSQL and SQL server. For more information, see Encrypting Connections.
- dbSslRootCert : If you selected to "enforceDbSsl", the value of the field should be a base64 encoded string representing a zip file containing one or more certificates in PEM format. Note: You only need to supply certificates that are self-signed (are not publicly signed).
- fips : If "true", enables the use of FIPS compatible encryption algorithms. The default setting is "false". Note that this necessarily disables some of the product functionality. For more information, see Encryption and FIPS.
- firstUser* :The user name of the first Pyramid admin user.
- firstUserPass* : The password of the first Pyramid admin user (this can be changed later from inside the app).
- license: The text content of a Pyramid license file. Use this to seed the license key into the deployment directly. The license file can also be uploaded after installation.
- storageType* : The preferred persistent file storage method. One of: AWSS3, AzureBlob, PersistentVolume, FTP, SFTP, or NFS.
Storage Fields:
Based on the previous storageType setting, the following additional settings are required:
FTP/SFTP/NFS
- storageHostName* : FTP server address
- storagePort* : FTP server port
- storageUserName* : FTP server username
- storagePassword* : FTP server password
- storageFolder* : Directory
AWS-S3
- regionId* : AWS Region Code. A full list can be found here.
- awsAccessKeyId* : AWS Access Key ID. To use an AWS IAM role, set awsAccessKeyId: "iam" after configuring a role on AWS. In this case, you do not need to set awsSecretAccessKey.
- awsSecretAccessKey* : AWS Secret Access Key
- awsBucket* : AWS S3 bucket name
Azure blobs
- azureBlobAccountName* : Azure account name
- azureBlobAccountKey* : Azure account key
- azureContainer* : Azure container name
Persistent Volume
- When the storageType is PersistentVolume, you need to specify which Persistent Volume to use. Where the installation is configured using HELM charts, this specified using the storage block in HELM Configuration.
Example
repo: "pyramidanalytics" imagePullPolicy: "IfNotPresent" unattended: enabled: true installationData: installationType: "new" dbLocation: 0 serverType: "Postgresql" serverAddress: "<IP-or-FQDN>" port: 5432 createDB: "on" database: "pyramid" dbUser: "postgres" dbPass: "<password>" enforceDbSsl: "on" dbSslRootCert: "<Zip base64>" fips: false firstUser: "admin" firstUserPass: "<password>" storageType: "PersistentVolume" # If storageType is "FTP" or "SFTP" storageHostName: "<IP-or-FQDN>" storagePort: 0 storageUserName: "storageUser" storagePassword: "storagePassword" storageFolder: "/path/to/storage/directory" # If storageType is "AWS-S3" regionId: "eu-central-1" awsAccessKeyId: "awsAccessKeyId" awsSecretAccessKey: "awsSecretAccessKey" awsBucket: "bucket-name" # If storageType is "AzureBlob" azureBlobAccountName: "accountName" azureBlobAccountKey: "accountKey" azureContainer: "container" license: "licenseTextContent"