Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Tip

Setup guidelines

...

Panel
borderColor#3572b0
borderWidth3


Expand
titleHardware Configuration



Kubernetes Master & Node configuration
No. of instances3 - 1 Master, 2 Nodes 
AWS Instance typem3.xlarge
OSRHEL 7
Storage200 GB
Mem (GiB)15GB
vCPU4


Note
Configuration varies depending on the work load.



Expand
titleSoftware
  • Kubernetes version : 1.8.5
  • Docker version        : 1.12.6
  • Python version        : 2.7
  • Jenkins                    : 2.60.1
  • Postgres DB            : 9.5.10
  • Apache Tomcat        : 7.0.76


Expand
titleRecommended Network Ports
  • Kube API Server                      : 6443
  • Python service                         : 5000
  • Postgres DB                             : 5432
  • Jenkins docker container host  : 8080
  • Apache Tomcat                         : 443


Expand
titleInstallation of Kubernetes Cluster

Connect to AWS EC2 instance from Windows using PuTTY

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html

Execute the following commands in the Master and Slave machines

  1. Switch to the root user (sudo -s or sudo su)
  2. yum update
  3. yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional  

    Note: yum-config-manager --enable is to enable/disable extra and optional repos.

  4. yum update

  5. yum install -y docker

  6. systemctl enable docker && systemctl start docker

  7. yum install -y kubelet kubeadm kubectl

  8. systemctl enable kubelet && systemctl start kubelet

  9. Execute the following commands to reload and restart docker:

          systemctl daemon-reload
          systemctl restart docker

Execute the following commands in the Master Machine

  1. # kubeadm init

        In case, kubernetes cluster configuration located in $HOME/.kube/config then run the following command

       To start using your cluster, run below commands:

         # mkdir -p $HOME/.kube

          # sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

          # sudo chown $(id -u):$(id -g) $HOME/.kube/config

          # export KUBECONFIG=$HOME/.kube/config

         # cp  /etc/kubernetes/admin.conf  /usr/share/tomcat/ (In RHEL, Tomcat expects the admin.conf to be present in /usr/share/tomcat where BuildOn App is hosted. In  tomcat log if it expects kube.config in a different directory place it correspondigly ).

Note

Add “export KUBECONFIG=$HOME/.kube/config” to ~/.bashrc file in order to export the conf file. If this is not added, the export will be applicable only to the current putty session. For a new session, the Kubernetes API will be unreachable.

 

2. In order to communicate on the network, run the following commands

         # kubectl apply -f https://git.io/weave-kube-1.6

3. To create Kubernetes dashboard, run the following commands -

          # kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml 

Note

Dashboard will run as a Kube service either in the Master or in any one of the Slaves. Run “kubectl get svc –all-namespaces” to identify the PORT number of the dashboard. Access the dashboard through https://IP:PORT.

4. Create a cluster role and bind all services then allow anonymous user to access Kube API

 If the below kubectl commands are not executed, you will get an error - 'User "system:serviceaccount:default:default" cannot list pods in the namespace "default"'       

        # kubectl create clusterrolebinding serviceaccounts-cluster-admin --clusterrole=cluster-admin --group=system:serviceaccounts

        # kubectl create rolebinding bob-admin-binding --clusterrole=admin --user=system:anonymous --namespace=default 

     (OR) Use below authentication token (preferred one)

       # curl -k `(kubectl config view | grep server | cut -f 2- -d ":" | tr -d " ")`/api/v1/namespaces/default/pods/web/log --header "Authorization: Bearer `(kubectl describe secret $(kubectl get secrets | grep default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d '\t')`"

Execute the following command in the Slave machines to connect to the Master machine

  1. After kubeadm init, you will obtain a token as shown below -

# kubeadm join --token <token id> <Primary IP>:6443

Execute it in the slave machines.

2. Post execution, go to the Master machine and run “kubectl get nodes”, and verify if the nodes have joined the cluster.

3. Verify if all pods are up and running.

#kubectl get pods --all-namespaces

You will get an output similar to the one shown below -



Expand
titleBuildOn Framework Setup

BuildOn Scripts

Following are the mandatory files to be located under the directory "/home/ec2-user/BuildOn" to execute the BuildOn.

List of Scripts/JARs
S.NoScript nameDetails
1app.pyPython service (web-hook)
2buildon.pyContains the logic to retrieve payload values, insert Buildon commit record to DB, run Kubernetes Pod
3dbupdate.pyUpdates Jenkins live job’s status to 'buildon_reports table'
4buildon.propertiesContains Kubernetes master IP and framework port

Python modules to be installed in Kube Master

Run the following commands to install Python modules in Kubernetes Master Server.

  1. yum install gcc openssl-devel bzip2-devel
  2. wget https://www.python.org/ftp/python/2.7/Python-2.7.tgz
  3. tar xzf Python-2.7.tgz
  4. Go to the python directory and execute  ./configure --enable-optimizations
  5. make altinstall → Prevents from replacing the default python binary file /usr/bin/python
  6. curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"  → Installs pip utility for the python version

Install Python modules using pip :

  1. pip install wget
  2. pip install docker==2.0.0
  3. pip install pytz
  4. pip install elasticsearch
  5. pip install sys
  6. pip install configparser
  7. pip install gunicorn
  8. pip install gevent
  9. pip install app
  10. pip install flask
  11. pip install pg8000


Info

In case, any other modules are left out while executing app.py, please install them as well.

Execution of Python service

Run the following command from /home/ec2-user/BuildOn folder where app.py located to keep the service always up and running

# nohup  gunicorn -k gevent -b 0.0.0.0:5000 -w 2 --timeout 90 app:app > framework.log &


Expand
titlePostgreSQL Setup

PostgreSQL DB usage in BuildOn

PostgreSQL is used to store the extracted data from SCM payload and framework in the DB tables buildon_users, buildon_scmdetails, buildon_preferences, buildon_reports and buildon_servcies. Refer the installation steps to setup PostgreSQL DB for BuildOn.

Installation Steps

Run the following command to setup PostgreSQL

1. yum install postgresql95-server postgresql95-contrib 

2. /usr/pgsql-9.5/bin/postgresql95-setup initdb

3. systemctl enable postgresql-9.5.service

4. Change the authentication method ‘ident’ to ‘trust’ in pg_hba.conf file

5. systemctl start postgresql-9.5.service

You can set the postgres user password using following command :

#sudo passwd postgresCheck configuaration detail using # \conninfo

How to connect PostgreSQL ? 

#sudo -u postgres psql postgres

Check configuaration detail using
# \conninfo


Expand
titleBuildOn Application Setup

BuildOn application is deployed on Apache Tomcat 8.0.39Tomcat  server.

Connect to AWS EC2 instance from Windows using PuTTY

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html

Apache Tomcat as a Service - installation steps

  1. yum install tomcat*

  2. systemctl start tomcat

  3. systemctl enable tomcat [ To start tomcat on boot ]

  4. Add the following lines in /usr/share/tomcat/conf/tomcat-users.xml

    <tomcat-users>

    <user username="username" password="password" roles="admin-gui,manager-gui"/>

    </tomcat-users>

BuildOn application deployment

Deploy the buildon.war using one of the following methods:

  • Tomcat Manager console 
  • Directly place the buildon.war file in webapps folder(/var/lib/tomcat/webapps)

Post successful deployment of BuildOn, application will be accessible @ https://<KubeMasterIP>/buildon  

 Enable SSL in tomcat

https://syslint.com/blog/tutorial/how-to-add-ssl-certificate-for-a-domain-in-tomcat-8-server/

Note: Tomcat is advised to be installed as a Service for proper functioning of applications interacting with Git APIs.


Expand
titleBuildOn Application - LDAP Configuration

LDAP configuration in BuildOn

  1. Locate buildon.properties under buildon application resources folder (src/main/resources/buildon.properties)
  2. Set isLDAP=true to use the LDAP for login; isLDAP=false to use DBtable for login, For LDAP set values - ldap.user and ldap.password and isLDAP to true and isopenLDAP to false
    ldap.isLDAP=true
  3. LDAP server ip and port
    ldap.server=LDAP://<ldap-server-ip>:<ldap-port>
  4. ldap service account username and password to fetch the the user's details
    ldap.user=<serviceaccount-username>
    ldap.password=<serviceaccount-password>
  5. ldap searchbase attributes
    ldap.searchbase=DC=<domain>,DC=<com> 
  6. To use openLDAP anonymous user ldap.user and ldap.password set to empty and isLDAP to false
    ldap.isopenLDAP=false
  7. Compile and package the code using maven . Deploy the war (buildon.war) to Apache Tomcat Server.


...