_Installing Black Duck in Clusters not Running the Operator - blackducksoftware/hub GitHub Wiki

This page has been deprecated. Please see the official Kubernetes Black Duck Installation Guide here.

Introduction

Synopsys provides Synopsys Operator to simplify the deployment of Black Duck software in Kubernetes and OpenShift clusters. In addition to deploying software, the Synopsys Operator also monitors and maintains the state of the software it deploys.

Despite these benefits of Synopsys Operator, there are some circumstances in which you might want to install Black Duck in Kubernetes/OpenShift without Synopsys Operator. These circumstances include:

  • Needing to configure options not supported by Synopsys Operator
  • Not wanting Synopsys Operator monitoring and maintaining state

In these cases, there is a process you can follow to install Black Duck manually. This page describes that process.

Summary

The procedure to install Black Duck manually is to install Synopsys Operator in a temporary local environment (for example, minikube or minishift), deploy a Black Duck instance in that environment, extract configuration information from the Black Duck deployment, then use this configuration information to bootstrap a Black Duck installation in your production cluster.

Procedure

  1. Pick a temporary Kubernetes sandbox environment.

The first step is installing a local copy of minishift or minikube. On a macOS this can be as easy as brew cask install minikube, or you can run minishift. These products run on any operating system: Windows, macOS, or Linux. If you need a recommendation on how to set one up, contact Black Duck support, or simply read kubernetes.io/docs/setup/minikube.

  1. Run Synopsys Operator on it.

Follow the Synopsys Operator Installation Guide to install Operator, and then install a Black Duck instance using the Black Duck Installation Guide. Make sure your cluster has at least enough memory to provision postgres, and then wait for at least 2 pods to show up, some may be in a state of Pending.

  1. Export your YAML artifacts.

In your sandbox environment, collect your configuration information with the following command:

kubectl get deployments,secrets,configmap -o yaml -n my-namespace --export=true > createme.yaml
  1. Modify the YAML files if necessary.

If you want your Black Duck instance to have a configuration different from the configuration you created in the sandbox environment, then you must edit your YAML configuration files accordingly before you import them.

The primary use case here is to create a Black Duck configuration that is not currently supported by the Synopsys Operator. That said, this should not occur for most users, as most Black Duck configurations are possible using Synopsys Operator.

  1. Import this configuration into your production cluster.

In your actual production cluster, run the following command: kubectl create -f createme.yaml

  1. Exec into your Postgres pod, and run the following SQL create script in your Postgres database:
CREATE DATABASE bds_hub owner blackduck ;
CREATE DATABASE bds_hub_report owner blackduck;
CREATE DATABASE bdio owner blackduck;

CREATE USER blackduck_user;

CREATE USER blackduck_reporter;

\c bds_hub
CREATE EXTENSION pgcrypto;
CREATE SCHEMA st AUTHORIZATION blackduck;
GRANT USAGE ON SCHEMA st TO blackduck_user ;
GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA st TO blackduck_user;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA st to blackduck_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA st GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user;

\c bds_hub_report
GRANT SELECT ON ALL TABLES IN SCHEMA public TO blackduck_reporter;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO blackduck_reporter;
GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON ALL TABLES IN SCHEMA public TO blackduck_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, TRUNCATE, DELETE, REFERENCES ON TABLES TO blackduck_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO blackduck_user;

\c bdio
GRANT ALL PRIVILEGES ON DATABASE bdio TO blackduck_user;

And finally, set passwords for your blackduck, and blackduck_users. Replace the X's below with the default password you used when you installed the Operator.

ALTER USER blackduck SET PASSSWORD XXXXX
ALTER USER blackduck_user SET PASSSWORD XXXXX