Prerequisites
Kubernetes or Openshift Cluster
TLS certificate chain and key
Credentials of and access to https://repo.secure.mid.de/
Credentials of and access to https://repo.mid.de
Preparations
Secrets for the TLS certificate and credentials for the image registry
Create a file named “tls-secret.yaml”, using this template:
apiVersion: v1 data: tls.crt: <Complete TLS certificate chain, base64 encoded> tls.key: <TLS certificate key, base64 encoded> kind: Secret metadata: name: cdcm-certs type: kubernetes.io/tls
Apply the secret:
sudo kubectl apply -f tls-secret.yaml -n cdcm
Create a file “regcred-secret.yaml”, using this template:
apiVersion: v1 data: .dockerconfigjson: <Base64 encoded image registry credentials> kind: Secret metadata: name: regcred type: kubernetes.io/dockerconfigjson
Apply the secret:
sudo kubectl apply -f regcred-secret.yaml -n cdcm
Add the chart repo
sudo helm repo add cdcm https://repo.secure.mid.de/chartrepo/cdcm --username <user> --password <password> && sudo helm repo update
Customize values file
Create a file “values.yaml”, using this template
global: domain: "<your domain>" env: hosts: cdcm: subdomain: "<your subdomain>" port: "8080" mongoConnectionString: "mongodb+srv://USER:PASSWORD@<MongoDB Atlas cluster adress>/?retryWrites=true&w=majority&appName=Cluster0" oauth10a: active: true enabled: true outbound: details: - name: "mid-jts-outbound" protectedUrlRoots: "" #multiple entries, comma seperated consumerKey: "consumer-key" consumerSecret: "secret" rootServices: "https://elmdemo.smartfacts.com:9443/jts/rootservices" inbound: realm-name: "" spacesData: '[{"key": "name of database","title": "Space title"}]' authClientId: "cdcm" authClientSecret: "client_secret" authIssuerUri: "" authUri: "" authTokenUri: "" authUserInfoUri: "" authJwkSetUri: "" authUsePkce: false # Indicates whether Proof Key for Code Exchange (PKCE) is used authClientRolesAttribute: "roles" # Attribute name for client roles authUserIdAttribute: "sub" # Attribute name for user ID authUserNameAttribute: "name" # Attribute name for user name authFirstNameAttribute: "given_name" # Attribute name for user's first name authLastNameAttribute: "family_name" # Attribute name for user's last name authMailAttribute: "email" # Attribute name for user's email address jwtIssuerUri: ""
The environment variables for the authentication block are documented in Environment variables
Install CDCM
helm upgrade --install --timeout 1m0s cdcm cdcm/cdcm -f values.yaml --version 1.0.6 -n cdcm --create-namespace --debug
Watch Deployment (in a new Session)
Open a second session on the server and enter the following command:
sudo watch kubectl get deployments -n cdcm
As soon as all deployments are available, the installation is ready.
0 Comments