Install InfraBox

April 24, 2019 ยท View on GitHub

Install InfraBox

Quickstart on GKE

If you want to get something up and running quickly you can use infraboxcli to install InfraBox on a GKE Cluster.

All you need ist:

Run infrabox install and follow the instructions.

Manual Installation

You can run InfraBox on any Kubernetes Cluster with at least version 1.9.

Prerequisites

  • helm (at least 2.10)
  • kubectl
  • a domain with access to the DNS configuration (i.e. infrabox.example.com)

Create a Kubernetes Cluster:

Configure prerequisuites

helm

We use helm to deploy the different components. To install helm into you kubernetes cluster run:

kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller

nginx ingress controller

Currently InfraBox only supports an nginx-ingress controller. To add one to your cluster:

helm install \
    -n nginx-ingress-controller \
    --namespace kube-system \
    --set rbac.create=true \
    --set controller.service.loadBalancerIP="<INSERT_YOUR_EXTERNAL_IP_HERE>" \
    --set controller.scope.enabled="true" \
    --set controller.scope.namespace="infrabox-system" \
    stable/nginx-ingress

Don't forget to add your external IP address, which you have created earlier, as loadBalancerIP

Create namespaces

InfraBox seperates the control plane (dashboard, docker-registry, api server, etc) from the actual jobs. Create two namespaces:

kubectl create ns infrabox-system
kubectl create ns infrabox-worker

Create TLS certificate

InfraBox requires a valid TLS certificate. It must be stored as a Secret with name infrabox-tls-certs in the infrabox-system namespace.

You have multiple options to create one:

Storage

InfraBox requires an object store to persist some data like inputs/outpus, caches and as storage for the docker-registry. Chose one of the options:

Install PostgreSQL

InfraBox requires a PostgreSQL Database for persisting some data. You have the following options:

Configure Authentication

You can configure different ways of how your user can authenticate.

Configure Monitoring

You may optionally configure Grafana/Prometheus monitoring.

Configure Status page

You may optionally configure a status page.

Clone InfraBox repository

If you have not already cloned the InfraBox repository and checkout the version you would like to install.

git clone https://github.com/SAP/infrabox /tmp/infrabox
cd /tmp/infrabox
git checkout master

Generate RSA Key

InfraBox uses a RSA key to sign certain information for security reasons. You need to generate a RSA key and keep it at a secure place

mkdir /tmp/infrabox-config
cd /tmp/infrabox-config
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub

Configure InfraBox

InfraBox uses helm for deploying. Create a my_values.yaml for your custom options:

cat >my_values.yaml <<EOL
image:
  tag: 1.1.5 # chose a released version
admin:
  private_key: $(base64 -w 0 ./jwtRS256.key)
  public_key: $(base64 -w 0 ./jwtRS256.key.pub)
EOL

If you get an error base64: invalid option -- w (e.g. on macOS), change the -w to -b in the base64 subcommand.

Add all the necessary configurations options as described in the earlier steps. If you forget some the installation will fail with some message like a.b.c is required. After you have prepared your my_values.yaml you may deploy InfraBox.

IMPORTANT: This requires at least helm 2.10

helm install --namespace infrabox-system -f my_values.yaml --wait /tmp/infrabox/deploy/infrabox

After a few seconds you can open your browser and access https://<YOUR_DOMAIN>.

HA mode

You can deploy multi cluster with HA mode

You can provide a privacy and terms of use url. These links will show up in the footer.