Deployment

PBMS Deployment

This document contains instructions for all the deployment of PBMS modules and their related components on the Kubernetes cluster using Helm charts. All the components are installed in the same namespace. The methods used to achieve the deployment are:

Prerequisites

Before you deploy, make sure the following are available:

Installation using Rancher UI

  1. Log in to Rancher admin console.

  2. Select your cluster.

  3. Under Apps -> Repositories click the Create to add a repository.

  4. Provide Name as "openg2p" and target HTTPS Index URL as https://openg2p.github.io/openg2p-helm/rancher and click on Create.

  5. Select the namespace in which you would like to install PBMS, from the namespace filter on the top-right.

  6. To display prerelease versions of OpenG2P apps, click on your user avatar in the upper right corner of the Rancher dashboard. Then click on Include Prerelease Versions under Preferences below the Helm Charts.

  7. Navigate to Apps->Charts page on Rancher. You can find the OpenG2P PBMS is listed in the dashboard.

  1. Click the Part 1 Helm chart, select the version you want to install, and click on Install.

  2. On the next screen, choose a name for installation, like pbms. Check the option Customise Helm before the installation, and then click on Next.

  3. Navigate to each app's configuration page, and configure the following:

    1. Configure a hostname for each app in the following way. <appname>.<base-hostname> , where base hostname is the wildcard hostname chosen during Istio namespace setup. Example: pbms.dev.openg2p.org and odk-pbms.dev.openg2p.org , etc. <appname> is arbitrary - default names have been provided.

    2. Your organization-wide Keycloak URL is Keycloak Base Url . (Refer to Keycloak installation).

    3. Create a Keycloak client.

    4. Provide the OIDC Client details. Refer to Keycloak Client Creation guide.

    5. Click on Next to navigate to Helm Options page. Disable wait flag. Click on Install.

    6. Navigate back to Apps->Charts page on Rancher. Choose Part 2 Helm chart. Select the same version as for Part 1, and click on Install.

    7. On the next screen, give the same installation name as for Part 1 but with suffix -p2 , like pbms-p2. Select the same namespace as Part 1. Check the option Customise Helm before the installation, and click on Next.

    8. Follow the step 9 for other application installation.

    9. Watch for every pods to enter a Running state. This may take several minutes.

Installation using the command line

  • Install the following utilities on your machine.

    • kubectl, istioctl, helm, jq, curl, wget, git, bash, envsubst.

  • TBD

Post installation

Keycloak

Assigning roles to users

Create Keycloak client roles for the following components and assign them to users.

Component
Role name

OpenSearch Dashboards for logging

admin

OpenSearch Dashboards for Reporting

admin

Apache Superset

Admin

Minio Console

consoleAdmin

Kafka UI for Reporting

Admin

Assigning roles to clients

  • Create a realm role in Keycloak with the name "KEYMANAGER_ADMIN" and assign it as a service account role to the PBMS Keycloak client in order for PBMS to be able to access Keymanager APIs.

Odoo

Last updated

Logo

Copyright © OpenG2P. This work is licensed under Creative Common Attribution (CC-BY-4.0) International license unless otherwise noted.