Bootstrapping the Kubernetes cluster
Prepare the Kubernetes cluster before installing the Component Pack for HCL Connections™.
Bootstrapping a Kubernetes cluster performs the following tasks:
- Checks the Kubernetes version
- Creates the required Kubernetes secrets
- Creates the required HCL Connections certificates
-
Configures Redis for use by the Orient Me component
-
Run the bootstrap chart with the following command:
helm install \ --name=bootstrap extractedFolder/microservices_connections/hybridcloud/helmbuilds/bootstrap-0.1.0-20200319-174729.tgz\ --set \ image.repository=Docker\_registry/connections,\ env.set_ic_admin_user=ic\_admin\_username,\ env.set_ic_admin_password=ic\_admin\_password,\ env.set_ic_internal=ic\_internal,\ env.set_master_ip=master\_ip,\ env.set_elasticsearch_ca_password=es\_ca\_password,\ env.set_elasticsearch_key_password=es\_key\_password,\ env.set_redis_secret=redis\_secret\_password,\ env.set_search_secret=search\_secret\_password,\ env.set_solr_secret=solr\_secret\_password,\ env.set_starter_stack_list=starter\_stack\_list,\\ env.skip_configure_redis=true/false
Table 1 describes the variables used in the command.
Helm values Description image.repository
Required. The name of the Docker registry where you pushed the Docker images for deploying the Component Pack (including the port if applicable). env.set_ic_admin_user
Required. The username of the Connections Administrator account, which is also the WebSphere® Application Server administrator account. env.set_ic_admin_password
Required. The password for the Connections Administrator account, which is also the WebSphere Application Server administrator account. env.set_ic_internal
Required for Orient Me. The FQDN of your HCL Connections HTTP server, used for configuring Redis. If you do not deploy Orient Me, you can omit this setting. env.set_master_ip
Required for Orient Me. The IP address of the Kubernetes master node -- if using HA, this will be the master node's virtual IP. env.set_elasticsearch_ca_password
Minimum of 6 characters. Set the Elasticsearch CA password. If you omit this entry, the password will be generated for you. env.set_elasticsearch_key_password
Minimum of 6 characters. Set the Elasticsearch Key password. If you omit this entry, the password will be generated for you. env.set_redis_secret
Minimum of 6 characters. Set the Redis secret. If you omit this entry, the password will be generated for you. env.set_search_secret
Minimum of 6 characters. Set the search secret. If you omit this entry, the password will be generated for you. env.set_solr_secret
Minimum of 6 characters. Set the Solr secret. If you omit this entry, the password will be generated for you. env.skip_configure_redis
If you want to skip the Redis configuration, set this variable to true
; otherwise you can omit it because it defaults tofalse
.Note: Redis is required for Orient Me, so only skip the Redis configuration it if you do not plan to deploy Orient Me. If you later deploy Orient Me, you can either run the bootstrap install again, or configure Redis manually as explained in Manually configuring Redis traffic to Orient Me.
|
|env.set_starter_stack_list
|If you don't want to deploy all of the components, you can specify the ones you want as a space-delimited list enclosed in quotation marks. Options are: - customizer
- elasticsearch
- orientme
For example:
```
env.set_starter_stack_list="elasticsearch customizer" ```
|
Table 2 describes other optional helm values.
|Setting|Description|
|-------|-----------|
|`namespace`|The name of the namespace to bootstrap. If not specified, the connections namespace is used.|
|`env.force_regenerate`|By default, this is set to false, meaning the bootstrap will not remove any secrets or certificates if it has detected that there is a service using them. Set this value to true if you want to force regenerate them.|
By default, the service secret and certificate passwords are randomly generated by the bootstrap Helm chart. It is highly recommended to use environment variables to set these passwords manually for use with the bootstrap Helm chart, because you will require some of them when configuring the services with the HCL Connections WebSphere stack. All passwords must be at least 6 characters in length.
If you omit the passwords and later want to view the ones that were generated for you, retrieve them by running the following command, where secret\_name indicates which password you want to see:
```
kubectl get secret secret\_name -n connections -o yaml
```
The password displays as a base64-encoded string. You can convert it to plain text by running the following command, where encoded\_password is the value of the generated password in base64 encoding.
```
echo encoded\_password | base64 --decode
```
-
Determine whether the bootstrap has completed by running the following command:
kubectl get pods -n connections -a | grep bootstrap
When the bootstrap is complete, the bootstrap pod shows Complete as its status.
-
Note down the name of the bootstrap pod.
-
Confirm that the bootstrap was successful by checking the log.
To check the log, run the following command using the name of the bootstrap pod that you noted down in the previous step (in this example,
connections
is the name of the namespace):kubectl logs bootstrap\_pod\_name -n connections
A successful bootstrap is indicated with a message similar to the following example:
Environment setup successfully complete for stack(s): orientme, elasticsearch, customizer Ready for Helm install.
Attention: Do not proceed any further unless the bootstrap helm chart has successfully completed.
Enabling Redis changes to take immediate effect : 1. Browse to the WebSphere Integrated Solutions Console and log in.
For example: https://your\_HCL Connections\_URL:9043/ibm/console
- Click Applications > All Applications.
- Stop and restart the News application.
Re-running the bootstrap : If you want to re-run the bootstrap, you must first delete the bootstrap helm release from the release list by running the following command:
```
helm delete bootstrap --purge
```