Using Helm to Install the Microservice Infrastructure

This tutorial explains how to use the Kubernetes package manager Helm to install the yuuvis® Momentum microservice infrastructure on a Kubernetes cluster.

Requirements

  • Functioning Kubernetes cluster (see Kubernetes Installation Guide)
  • Helm installation (install Helm and add the stable Helm repository: helm repo add stable https://kubernetes-charts.storage.googleapis.com/)

  • Cloned yuuvis-api-helm-charts repository as working directory (see Version Tags Services)

Installing the Infrastructure Chart

  1. Navigate to the /infrastructure directory within the cloned repository using a kubectl-/helm-capable terminal/cmd.

  2. Download the dependencies required by the chart: helm dep up

  3. Switch back to the parent directory.

  4. Create the namespace in the Kubernetes cluster: kubectl create namespace infrastructure
  5. Install the contents of the chart on the cluster: helm install infrastructure --set yuuvis.authentication.ip=(CLUSTER_IP or LOAD_BALANCER_IP from authentication) ./infrastructure --namespace infrastructure

  6. Run kubectl get jobs -n infrastructure to check whether the jobs have been initialized
  7. Run helm list --namespace infrastructure to see whether the infrastructure chart was deployed (STATUS DEPLOYED)

  8. Install the Prometheus monitoring operator: helm install prometheus-operator stable/prometheus-operator --namespace infrastructure --values ./monitoring/values.yaml
  9. Run helm list --namespace infrastructure to verify that the Prometheus operator chart has been deployed
  10. Run kubectl --namespace infrastructure get pods -l "release=prometheus-operator" to get the monitoring operator pod status
  11. Finally, set up the alerting rules and service monitor by running these two commands:

    kubectl apply -f ./monitoring/templates/prometheus-alerting-rule.yaml -n infrastructure
    kubectl apply -f ./monitoring/templates/servicemonitor

Naming the chart during installation is necessary because each service would otherwise receive a default prefix from Kubernetes, making it difficult for the yuuvis® Momentum services to interact with them later. It also enables us to roll back the installation using helm uninstall infrastructure --namespace infrastructure and helm uninstall prometheus-operator --namespace infrastructure. To delete the final monitoring setup, run kubectl delete servicemonitor --all -n infrastructure and kubectl delete prometheusrule --all -n infrastructure.

After uninstalling the release, two resources should also be deleted:

  • kubectl delete clusterrole create-selfsigned-cert 
  • kubectl delete clusterrolebinding create-selfsigned-cert
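
The following check is an added example, not part of the original tutorial or the yuuvis repository: it reports whether any of the objects named in the rollback steps above still exist after the uninstall. The KUBECTL and NAMESPACE variables and the function name leftover_resources are assumptions of this example.

```shell
#!/bin/sh
# Added example: list what the rollback described above left behind.
# KUBECTL and NAMESPACE are overridable (names assumed by this example) so the
# check can be pointed at another namespace or at a stub for testing.
KUBECTL="${KUBECTL:-kubectl}"
NAMESPACE="${NAMESPACE:-infrastructure}"

# Prints one line per leftover object, in the form kubectl prints with -o name.
# Returns 0 = clean, 1 = leftovers found, 2 = the cluster could not be queried.
leftover_resources() {
    found=0
    # The two cluster-scoped RBAC objects the tutorial says to delete by hand.
    # --ignore-not-found makes "absent" exit 0, so a non-zero exit here is a
    # real query failure and must not be reported as a clean rollback.
    for kind in clusterrole clusterrolebinding; do
        out=$("$KUBECTL" get "$kind" create-selfsigned-cert \
            --ignore-not-found -o name 2>/dev/null) || return 2
        if [ -n "$out" ]; then
            echo "$out"
            found=1
        fi
    done
    # Monitoring objects created with "kubectl apply". The API server answered
    # the queries above, so a failure here is read as the ServiceMonitor or
    # PrometheusRule resource type no longer being registered (nothing left).
    for kind in servicemonitor prometheusrule; do
        out=$("$KUBECTL" get "$kind" -n "$NAMESPACE" -o name 2>/dev/null) || out=""
        if [ -n "$out" ]; then
            echo "$out"
            found=1
        fi
    done
    return "$found"
}

# Run the check only when asked to, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then
    rc=0
    leftover_resources || rc=$?
    if [ "$rc" -eq 0 ]; then echo "rollback clean"; fi
    exit "$rc"
fi
```

Saved as a script and run with --check after the uninstall commands, it exits non-zero while a leftover ClusterRole, ClusterRoleBinding, ServiceMonitor or PrometheusRule remains.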

The infrastructure chart contains:

  • PostgreSQL: database service

  • Elasticsearch: search engine

  • Minio: object storage

  • Gogs: self-hosted Git service

  • RabbitMQ: message broker

  • Keycloak: identity and access management service

  • Redis: in-memory data structure store

Boot time for all of the services in the infrastructure chart can be quite substantial and outlast the moment at which the Kubernetes dashboard shows that all service pods are "Running". Depending on the cluster's resources, the process can take up to 10 minutes. Whether a service pod is truly ready can be determined by looking at the logs of each pod. These can be reached by executing kubectl logs <pod ID>, where the pod ID can be derived from kubectl get pods --all-namespaces. This command returns all pods. Wait until all services in the infrastructure namespace have successfully booted before moving on to the second chart.

Installing the yuuvis® Momentum Services Chart

  1. Navigate to the root helm chart directory within the cloned repository using a kubectl-/helm-capable terminal/cmd.
  2. Create the namespace yuuvis: kubectl create namespace yuuvis
  3. Install the contents of the chart on the cluster: helm install yuuvis --set yuuvis.keycloak.ip=(CLUSTER_IP or LOAD_BALANCER_IP from keycloak) ./yuuvis --namespace yuuvis

  4. Run kubectl get pods -n yuuvis to check whether the jobs have been initialized

Again, naming our chart prevents randomization of service identifiers and gives us the ability to roll back all associated services using helm uninstall yuuvis --namespace yuuvis.


Once both charts have been completed, the following services should be available using the IP of the cluster and the service-specific port.

Service          Port    Username:Password
Authentication   30080   root:optimal
KeyCloak         30111   keycloak:optimal


All yuuvis® Momentum services reach out to the configservice on startup to retrieve their configuration files, which results in a short delay before the services are fully operable.

The yuuvis® Momentum chart configures the Authentication and Organization services for OAuth2 with the tenants "yuuvistest" and "testyuuvis".