Prerequisites
Kubernetes or Openshift Cluster
TLS certificatescertificate chain and key
Credentials of and access to https://repo.secure.mid.de/ MID chart repository
Credentials of and access to https://repo.mid.de MID Docker repository
Preparations
Secrets for the TLS
...
Certificate and
...
Credentials for the
...
Image Registry
Create a file named “tls-secret.yaml”, using this template:
Code Block |
---|
apiVersion: v1 data: tls.crt: <Complete TLS certificate chain, base64 encoded> tls.key: <TLS certificate chainkey, base64 encoded> kind: Secret metadata: name: cdcm-certs type: kubernetes.io/tls |
Apply the secret:
Code Block |
---|
sudo kubectl apply -f tls-secret.yaml -n cdcm |
Create a file “regcred-secret.yaml”, using this template:
Code Block |
---|
apiVersion: v1 data: .dockerconfigjson: <Base64 encoded image registry credentials> kind: Secret metadata: name: regcred type: kubernetes.io/dockerconfigjson |
Apply the secret:
Code Block |
---|
sudo kubectl apply -f regcred-secret.yaml -n cdcm |
Add the
...
chart repo
Code Block |
---|
sudo helm repo add cdcm https://repo.secure.mid.de/chartrepo/cdcm --username <user> --password <password> && sudo helm repo update |
...
Customize Values File
Create a file “values.yaml”, using this template
Code Block |
---|
global: domain: "<your domain>" env: hosts: adminToken: "<base64 string of user:password>" |
Replace the placeholder <your domain> with the FQDN of your instance
...
cdcm:
subdomain: "<your subdomain>"
port: "8080"
mongoConnectionString: "mongodb+srv://USER:PASSWORD@<MongoDB Atlas cluster adress>/?retryWrites=true&w=majority&appName=Cluster0"
spacesData: '[{"key": "name of database","title": "Space title"}]'
authClientId: "cdcm"
authClientSecret: "client_secret"
authIssuerUri: ""
authUri: ""
authTokenUri: ""
authUserInfoUri: ""
authJwkSetUri: ""
authUsePkce: false # Indicates whether Proof Key for Code Exchange (PKCE) is used
authClientRolesAttribute: "roles" # Attribute name for client roles
authUserIdAttribute: "sub" # Attribute name for user ID
authUserNameAttribute: "name" # Attribute name for user name
authFirstNameAttribute: "given_name" # Attribute name for user's first name
authLastNameAttribute: "family_name" # Attribute name for user's last name
authMailAttribute: "email" # Attribute name for user's email address
jwtIssuerUri: ""
oauth10a:
active: true
enabled: true
outbound:
details:
- name: "mid-jts-outbound"
protectedUrlRoots: "" #multiple entries, comma seperated
consumerKey: "consumer-key"
consumerSecret: "secret"
rootServices: ""
inbound:
realm-name: "" |
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
|
Install CDCM
Code Block |
---|
helm upgrade --install --timeout 1m0s cdcm cdcm/cdcm -f values.yaml --version 1.0.6 -n cdcm --create-namespace --debug |
Watch Deployment (in a new Session)
Open a second session on the server and enter the following command:
Code Block |
---|
sudo watch kubectl get deployments -n cdcm |
As soon as all deployments are available, the installation is ready.