/
Install AGILITY on Kubernetes

Install AGILITY on Kubernetes

Owned by Akin Laseinde (Deactivated)
Last updated: Nov 07, 2024 by Akin Laseinde (Deactivated)
6 min read

Architecture

AGILITY components are divided into three groups:

  • agility-system

  • agility-services

  • agility

AGILITY Operator manages AGILITY components synchronizing with the AGILITY Central site.

image-20240704-195037.png

Prerequisites

Before installing AGILITY, you must have these prerequisites:

  • Kubernetes:

    • Admin Permissions. You must have Kubernetes administrative permissions to perform the installation.

    • Dynamic Volume Provisioning. Dynamic volume provisioning for block storage is recommended. When using a cloud-managed cluster, CSI provisioners are most likely available. For on-premises deployments, a solution like rook-ceph might be an alternative. Otherwise, check Manually provision persistent volumes for manual provisioning.

  • Local CLI applications

    • helm. Make sure you have helm version 3.8 or higher installed.

    • jq. Make sure you have jq version 1.6 or higher installed.

  • B-Yond License. To install AGILITY, you will need the B-Yond license provided by B-Yond customer support.

Please ensure that you have fulfilled all these prerequisites before moving on to the next step.

Helm Charts Download

Contact customer support to determine the version of AGILITY to deploy.

mkdir -p agility-charts && cd agility-charts export AGILITY_VERSION=3.90.7

Store the B-Yond License on a temporary directory

export BYOND_LICENSE_PATH="/tmp/license.token" vi ${BYOND_LICENSE_PATH}

Verify curl, jq and helm are available on your laptop (UNIX command)

red='\033[0;31m' green='\033[0;32m' clear='\033[0m' if ! command -v curl 2>&1 > /dev/null; then echo -e "${red}curl...........................ERROR. Please install it before continuing${clear}"; else echo -e "${green}curl...........................OK${clear}"; fi; if ! command -v jq 2>&1 > /dev/null; then echo -e "${red}jq.............................ERROR. Please install it before continuing${clear}"; else echo -e "${green}jq.............................OK${clear}"; fi; if ! command -v helm 2>&1 > /dev/null; then echo -e "${red}helm...........................ERROR. Please install it before continuing${clear}"; else echo -e "${green}helm...........................OK${clear}"; fi

Ensure curl, jq and helm binaries meet the required version.

Obtain a valid token from the B-Yond License:

if cat ${BYOND_LICENSE_PATH} | base64 --decode > /dev/null 2>&1; then export TOKEN=$(curl --silent --location --request POST "https://agility-central.b-yond.com/ao/auth/realms/agility/protocol/openid-connect/token" \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header "Authorization: Basic $(cat ${BYOND_LICENSE_PATH} | tr -d '\n')" \ --data-urlencode 'grant_type=client_credentials' | jq -r '.access_token') if [[ -z "${TOKEN}" ]]; then echo -e "ERROR: Issues getting token from agility-central.b-yond.com"; fi else export TOKEN=$(cat ${BYOND_LICENSE_PATH}) fi

From the TOKEN, obtain the necessary credentials

export OCI_USERNAME=$(echo ${TOKEN} | jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .username') export OCI_AUTH_TOKEN=$(echo ${TOKEN} | jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .password') export OCI_EMAIL=$(echo ${TOKEN} | jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .email')

Pull the charts:

rm -rf {agility-system,agility-services,agility} helm registry login -u "${OCI_USERNAME}" -p "${OCI_AUTH_TOKEN}" iad.ocir.io helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility-system helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility-services helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility

 

[Optional] Test environment

Before starting with the installation, you can test your environment by creating a Pod with a PersistentVolumeClaim

  1. Create an ephemeral namespace

    kubectl create namespace agility-test

  2. Create the imagePullSecret to pull images from the B-Yond Container registry:

    kubectl --namespace agility-test create secret docker-registry byond-container-registry-credential \ --docker-server=iad.ocir.io \ --docker-username="${OCI_USERNAME}" \ --docker-password="${OCI_AUTH_TOKEN}" \ --docker-email="${OCI_EMAIL}"

  3. Create the PersistentVolumeClaim and Pod definitions

    cat <<EOF | kubectl apply -f - --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: agility-claim namespace: agility-test spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi --- apiVersion: v1 kind: Pod metadata: name: agility-app namespace: agility-test spec: imagePullSecrets: - name: byond-container-registry-credential containers: - name: app image: iad.ocir.io/idhyugs3p9e3/agility/bitnami/bitnami-shell command: ["/bin/sh"] args: ["-c", "while true; do echo $(date -u) >> /data/out; sleep 5; done"] volumeMounts: - name: persistent-storage mountPath: /data volumes: - name: persistent-storage persistentVolumeClaim: claimName: agility-claim EOF

  4. Ensure Pod and PVC are created successfully

  5. Remove namespace

    kubectl delete namespace agility-test

Deploy agility-system

These components deploy the Kubernetes operators that are required for AGILITY installation:

To deploy the agility-system chart, follow these steps:

  1. Create the imagePullSecret to pull images from the B-Yond Container registry:

    kubectl --namespace kube-system create secret docker-registry byond-container-registry-credential \ --docker-server=iad.ocir.io \ --docker-username="${OCI_USERNAME}" \ --docker-password="${OCI_AUTH_TOKEN}" \ --docker-email="${OCI_EMAIL}"

  2. Run the Helm command to deploy agility-system:

    helm --namespace kube-system upgrade --install --create-namespace agility-system ./agility-system

Deploy agility-services

The agility-services deployment includes the following components:

  • Database engine: PostgreSQL

  • Message bus: Kafka

  • Object storage: MinIO

  • Identity provider: Keycloak

  • AGILITY Operator

To deploy the agility-services chart, follow these steps:

  1. Create the target namespace (throughout this document is assumed to be agility)

    kubectl create namespace agility

  2. Create the imagePullSecret docker secret to pull images.

    kubectl --namespace agility create secret docker-registry byond-container-registry-credential \ --docker-server=iad.ocir.io \ --docker-username="${OCI_USERNAME}" \ --docker-password="${OCI_AUTH_TOKEN}" \ --docker-email="${OCI_EMAIL}"

  3. Create the MinIO admin secret (ensure you backup this value):

    ℹ️ root-password must be at least 8 characters long.

    kubectl --namespace agility create secret generic agility-s3 \ --from-literal=root-user=admin --from-literal=root-password=changeit

  4. Create the Keycloak admin secret (ensure you backup this value):

    kubectl --namespace agility create secret generic agility-keycloak \ --from-literal=admin-password=changeit

  5. Create the B-Yond license secret:

    kubectl --namespace agility create secret generic agility-operator \ --from-file="license.token"=${BYOND_LICENSE_PATH}

  6. Create an overrides values file (options available in the agility-services chart):

    ℹ️ Adjust volumes sizes and resource assignation. Default values are recommended for standard AGILITY usage.

    cat <<EOF> agility-services-values-overrides.yaml global: agility: operator: disabled: false agility-operator: enabled: true EOF

  7. Run the Helm command to deploy agility-services:

    helm --namespace agility upgrade --install --create-namespace agility-services ./agility-services --values agility-services-values-overrides.yaml

  8. Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

    The following is an example:

    kubectl --namespace agility get pods NAME READY STATUS RESTARTS AGE agility-db-pgbouncer-6f8f46b455-84wxb 2/2 Running 0 3m57s agility-operator-767c6c46d7-dmv5z 2/2 Running 0 3m57s agility-db-repo-host-0 2/2 Running 0 3m57s agility-minio-5db49f56b7-p2x5l 1/1 Running 0 3m57s agility-minio-provisioning-tst4n 0/1 Completed 0 3m57s agility-kafka-zookeeper-0 1/1 Running 0 3m53s agility-kafka-zookeeper-1 1/1 Running 0 3m53s agility-kafka-zookeeper-2 1/1 Running 0 3m53s agility-keycloak-0 1/1 Running 0 3m57s agility-kafka-kafka-0 1/1 Running 0 3m10s agility-kafka-entity-operator-5fd5c57bf5-kff4p 3/3 Running 0 2m43s agility-db-backup-wzwk-5j4mg 0/1 Completed 0 3m27s agility-kafka-kafka-exporter-864646c49d-bx88r 1/1 Running 0 2m20s agility-kafka-ui-85b94b6b7d-5sb6l 1/1 Running 0 3m57s agility-db-a1-l7ct-0 5/5 Running 0 3m57s

Deploy AGILITY

To deploy the AGILITY application chart, follow these steps:

  1. Create an override values file (options available in the AGILITY chart):

    cat <<EOF> agility-values-overrides.yaml global: agility: operator: disabled: false EOF

  2. Run the Helm command to deploy AGILITY:

    helm --namespace agility upgrade --install --create-namespace agility ./agility --values agility-values-overrides.yaml

  3. Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

    The following is an example:

    kubectl --namespace agility get pods NAME READY STATUS RESTARTS AGE agility-db-pgbouncer-6f8f46b455-84wxb 2/2 Running 0 8m47s agility-operator-767c6c46d7-dmv5z 2/2 Running 0 8m47s agility-db-repo-host-0 2/2 Running 0 8m47s agility-minio-5db49f56b7-p2x5l 1/1 Running 0 8m47s agility-minio-provisioning-tst4n 0/1 Completed 0 8m47s agility-kafka-zookeeper-0 1/1 Running 0 8m43s agility-kafka-zookeeper-1 1/1 Running 0 8m43s agility-kafka-zookeeper-2 1/1 Running 0 8m43s agility-keycloak-0 1/1 Running 0 8m47s agility-kafka-kafka-0 1/1 Running 0 8m agility-kafka-entity-operator-5fd5c57bf5-kff4p 3/3 Running 0 7m33s agility-db-backup-wzwk-5j4mg 0/1 Completed 0 8m17s agility-kafka-kafka-exporter-864646c49d-bx88r 1/1 Running 0 7m10s agility-kafka-ui-85b94b6b7d-5sb6l 1/1 Running 0 8m47s agility-proxy-redis-cb9fdbc49-w7wsg 1/1 Running 0 2m5s agility-autoloader-worker-59bd5f9575-gp6j6 1/1 Running 1 (105s ago) 2m5s agility-autoloader-server-d77c7c97d-6262g 1/1 Running 0 2m5s agility-data-pipeline-774f4c7b4c-p79hl 1/1 Running 0 2m5s agility-ui-cube-api-b9976d6b8-ktztq 1/1 Running 0 2m5s agility-proxy-6f57c54898-rnrjx 2/2 Running 0 2m5s agility-autoloader-0 1/1 Running 0 2m5s agility-ui-6d8dc8d4fb-8w6xx 2/2 Running 0 2m5s agility-db-a1-l7ct-0 5/5 Running 0 8m47s agility-backend-7ff9c6b48c-5kjcb 1/1 Running 0 2m5s

  4. Once AGILITY is deployed, you can connect to the UI using port-forwarding:

    export HTTP_SERVICE_PORT=$(kubectl get --namespace agility -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services agility) kubectl port-forward --namespace agility svc/agility 3000:${HTTP_SERVICE_PORT}

  5. Access AGILITY in your browser at http://localhost:3000/cv/

    • username: agility-admin@b-yond.com

    • password: agility-admin@b-yond.com

    ℹ️ The default password must be modified on first login.

    To stop the port-forwarding process, press Ctrl+C in the terminal where you executed the command.

Expose AGILITY UI

To make AGILITY accessible from outside the cluster, various options can be used to expose the agility ClusterIP Kubernetes service. You can leverage the following Kubernetes constructs that align with your predefined guidelines. This includes:

  • Ingress

  • LoadBalancer Service

  • NodePort

Consider your specific network infrastructure, cloud provider capabilities, and security requirements when choosing the appropriate method to expose AGILITY.

 

Next - Configuration

Uninstall

To uninstall the AGILITY deployment and associated resources:

  1. Delete the Helm charts at the namespace level:

    helm -n agility delete agility --wait helm -n agility delete agility-services --wait

  2. Remove namespace

    kubectl delete namespace agility

Note: If you have no plans to install another instance of AGILITY, you can also remove the agility-system Helm release in the kube-system namespace:

helm -n kube-system delete agility-system --wait kubectl -n kube-system delete secret byond-container-registry-credential

Related content