Lab2 deploy custom acs in k8s aws - Alfresco/alfresco-acs-workshops GitHub Wiki
This lab will describe how to deploy the custom image created in Lab1 into the Kubernetes cluster in AWS. The exercise will include creation of the cluster in AWS using Kops and deploying ACS Community Helm chart with a custom image in it.
- Setup AWS environment. Please follow the getting started guide to setup your environment, configure DNS and create S3 bucket to store the cluster configuration. Having a public DNS record will ease the access to the cluster itself and also to the deployed software.
- Create the the k8s cluster. Please follow the documentation to install and configure the cluster. For this example one worker node (16Gb m4.xlarge) is enough to deploy ACS Community.
- Deploy Kubernetes dashboard. It is going to be handy to deploy the Kubernetes dashboard. And also external DNS.
- Deploy Helm (Tiller) This is a cluster-side part of Helm that will deploy the Helm charts. Please follow this guide or official documentation.
Please follow the documentation to deploy ACS Helm chart into k8s cluster. Note that in order to complete the ingress installation it is required to create a public certificated for your hosted zone in AWS Certificate Manager and find it's ARN. It will be used in the commands to set up the ingress. Also it is not required to create a Docker registry secret if your custom image is publicly available, so the whole section "Creating a Docker registry pull secret" can be skipped. Please use ACS Community for deployment and note that if External DNS was configured the DNS records for ingress will be installed automatically. Here is a command cheat sheet to install Ingress and ACS Community:
export EFS_SERVER=<efs-id>
export namespace=<namespace-id>
# Root DNS name of the hosted zone, like example.alfresco.com
export ROOT_DNS=<hosted-zone-id>
export SSL_CERT_ARN=<ssl-cert-arn>
export ACS_IMAGE_NAME=<acs-docker-image-name>
export ACS_IMAGE_TAG=<acs-docker-image-tag>
kubectl create namespace ${namespace}
helm repo add alfresco-incubator https://kubernetes-charts.alfresco.com/incubator
helm repo add alfresco-stable https://kubernetes-charts.alfresco.com/stable
helm install stable/nginx-ingress \
--version 0.21.0 \
--set controller.scope.enabled=true \
--set controller.scope.namespace=${namespace} \
--set rbac.create=true \
--set controller.config."force-ssl-redirect"=\"true\" \
--set controller.config."proxy-body-size"="100m" \
--set controller.service.targetPorts.https=80 \
--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol"="http" \
--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-ssl-ports"="https" \
--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-ssl-cert"=${SSL_CERT_ARN} \
--set controller.service.annotations."external-dns\.alpha\.kubernetes\.io/hostname"="${namespace}.${ROOT_DNS}" \
--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-ssl-negotiation-policy"="ELBSecurityPolicy-TLS-1-2-2017-01" \
--set controller.publishService.enabled=true \
--namespace ${namespace}
helm install alfresco-stable/alfresco-content-services-community \
--version 2.2.0 \
--set repository.image.name=${ACS_IMAGE_NAME} \
--set repository.image.tag=${ACS_IMAGE_TAG} \
--set externalPort="443" \
--set externalProtocol="https" \
--set externalHost="$namespace.dev.alfresco.me" \
--set alfresco-infrastructure.persistence.efs.enabled=true \
--set alfresco-infrastructure.persistence.efs.dns="$EFS_SERVER" \
--set postgresql.persistence.subPath="$namespace/alfresco-content-services/database-data" \
--set persistence.repository.data.subPath="$namespace/alfresco-content-services/repository-data" \
--set alfresco-search.persistence.search.data.subPath="$namespace/alfresco-content-services/solr-data" \
--namespace=$namespace