In this instructions we assume that you deploy Smartfacts into an existing Kubernetes cluster. You need a cluster with at least 3 worker nodes of 2 cpu and 16GB RAM each.

Prepare your infrastructure

Please prepare your infrastructur as described in https://smartfacts.atlassian.net/wiki/spaces/SPD/pages/57180191/Installing+Smartfacts+in+Production#Prepare-your-infrastructure.

Prepare Deployment

Add MID Repository

You will need a username and password to download the helm chart and containers from MID's repository. You will receive username and password from your MID contact or from cops@mid.de.

sudo helm repo add mid-smartfacts https://repo.secure.mid.de/chartrepo/smartfacts --username <USERNAME> --password <PASSWORD>

sudo helm repo update

Provide Certificates and Key as Base64 String

Prerequisite: The complete certificate chain is in a file as base64-encoded x509 certificates. The certificates are contained in the file in the correct order (server certificate at the top, root certificate at the bottom). See Section “Certificates” above in this article.

Save certificate chain as a base64 string:

cat <your certificate chain.crt> | base64 -w0 > chain.crt.base64

Save certificate key as base64 string:

cat <your certificate key.key> | base64 -w0 > key.base64

Customize Values File

Change to your user's home directory on the server and create a new text file values.yaml with the following content:

global:
  domain: "<your-domain>"
  instance: "smartfacts"
  registry: "repo.mid.de"
  repologin: <login provided by MID>
  cert:
    crtFullChain: "<FULL-CHAIN-CERT-BASE64>"
    key: "<CERT-KEY-BASE64>"
  ingress:
    enabled: true
    # if you use nginx as ingress controller please comment in this line:
    #ingressClassType: "nginx" 
  ldap:
    # The url of the ldap server
    url: #TODO
    # The base DN of the ldap
    base_dn: #TODO
    # Group search base
    g_search_base: #TODO
    # User search base
    u_search_base: #TODO
    # The ldap filter, which reduces the results to the relevant users and groups
    search_filter: #TODO
    # The read only user accessing the ldap
    user: #TODO
    # The password of the read-only user accessing the ldap.
    password: #TODO

    # The following section contains the mapping of the ldif attributes in your ldap to the attributes in Smartfacts.
    # The default values stated in the comments are the valid values for an openldap.
    # The values stated in the active fields (not out commented) are the correct values for an Active directory.
    # TODO: Please adopt the values, so that they fit to your ldap / Active directory instance.
    ldif_attributes:
      # The field for the unique id of an object. Default: "entryUUID"
      uniqueid: "objectGUID"
      # Classname of the group object. Default: "groupOfNames"
      classname_group: "group"
      # Classname of the user object. Default: "person"
      #classname_user: "person"

      # The field for the NameID of users. Default: "cn"
      user_nameid: "sAMAccountName"
      # The field for the given name of a user. Default: "givenName"
      #user_first_name: "givenName"
      # The field for the last name of a user. Default: "sn"
      #user_last_name: "sn"
      # The field for the title of a user. Default: "title"
      #user_title: "title"
      # The field for the email of a user. Default: "mail"
      #user_mail: "mail"
      # The field for the telephone number of a user. Default: "telephoneNumber"
      #user_phone: "telephoneNumber"
      # The field for the thumbnail photo of a user. Default: "thumbnailPhoto"
      #user_photo: "thumbnailPhoto"
      # The field for the division of a user. Default: "division"
      #user_division: "division"
      # The field for the company of a user. Default: "company"
      #user_company: "company"
      # The field for the display name of a user. Default: "displayName"
      user_display_name: "cn"

      # The field for the NameID of groups. Default: "cn"
      #group_nameid: "cn"
      # The Field for the full name of a group member. Default: "cn"
      #group_member_full_name: "cn"
      # The field for group members. Default: "member"
      #group_member: "member"
genoslc:
  enabled: true # Set to false if you want to use Smartfacts only (no OSLC connection to itger tools). In this case you cann skip the rest of this "genoslc" section.
  env:
    authorizationUri: "<Authorization URL of identity provider>"
    tokenUri: "<Token URI of identity provider>"
    userInfoUri: "<UserInfo URI of identity provider>"
    trsEnabled: false # Set to true if you use Smartfacts as data source for a link index
    configuration:
      # Give a list of up to 5 usernames of users which will have the administration right to change settings in Smartfacts.
      # At leas one administrator user must be stated here.
      administrators: 
        - <administrator1> # replace this value with the username of the person who should configure the oauth10a information for the OSLC Connector for Smartfacts
      # key used to encrypt the oauth10a configuration data
      oauth10aEncryptionKey: "" # define the key which is used to encrypt the oauth10a informatin in the database

keycloak:
  openldap:
    enabled: false
    
mailservice:
  enabled: true
  filterEnabled: "false"
  serviceType: "smtp"   # Replace with aws if AWS email service is used
  sender: "noreply@yourdomain"
  smtp:
    host: ""
    port: "25"
    startTLS: true
    SSLOnConnect: false
    username: ""
    password: ""
  aws:
    region: "AWS-Region"
    key: "AWS-Key"
    secret: "AWS-Secret"

Replace the value of the domain property with your domain name.
Replace the placeholder of the crtFullChain property with the content of the file chain.crt.base64.
Replace the placeholder of the key property with the content of the key.base64 file.
Replace all values marked with #TODO with the appropriate values in the ldap section.
Adopt all values that do not suite to your ldap in the ldap section.
Fill out the mailservice variables to your needs
Save the values.yaml file.

Install Smartfacts

Execute the Installation

Enter the following command to execute the Installation:

sudo helm upgrade --install --timeout 20m0s smartfacts mid-smartfacts/smartfacts -f values.yaml --version 4.6.5-genoslcv2 -n smartfacts --create-namespace

Watch Deployment (in a new Session)

Open a second session on the server and enter the following command:

sudo watch kubectl get deployments -n smartfacts

As soon as all deployments are available, the installation is ready.

Setting-Up the CAMP (Customer Accounts for MID Products)

This section is used to add the users who will be authorized to use the instance and to assign the licenses. When you open https://camp.<yoursmartfactsdomain>, and log in with your credentials, you will be taken to this page:

In section 1, upload the license file MID has provided in step 4 by clicking the upload button in the upper right-hand corner and by selecting the license file.
In section 2, set an account name.
In section 3, synchronize the users from OpenLDAP to CAMP by clicking UPDATE USERS AND GROUPS.
Assign licenses to users and groups in the CAMP.
Check all users and/or groups that should have a license and assign licenses by clicking ASSIGN LICENSES.

The creation of the account is now complete and licenses are assigned to the users.

Create a Smartfacts Model Warehouse

Open the Smartfacts URL in your browser: https://smartfacts.<yoursmartfactsdomain> and log-in with the account manager credentials (user “acm”, password “acm”).
You will now be asked to create a Model Warehouse.
1. Click on CREATE A NEW MODEL WAREHOUSE.
2. In the create dialog, first select the previously created account.
3. Provide a name for the Model Warehouse.
4. Optionally, activate the check box Create Demo Models if you want some demo content to be added to the Model Warehouse.

Model Warehouse creation is the final step in the Smartfacts platform set-up process.

Install Smartfacts with ldap and email service