Setting Up Cluster for Custos Deployment

Setting up Cert Manager, Keycloak, consul, vault and MySQL

1. Login into master instance and follow below steps:-

2. Create namespaces:-

kubectl create namespace keycloak
kubectl create namespace vault
kubectl create namespace custos

3. Clone the repository:-

• Follow:-

git clone https://github.com/airavata-courses/scapsulators.git
cd scapsulators
git checkout custos-deployment-development

4. Deploy cert-manager:-

cd cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml

kubectl apply -f issuer.yaml

5. Deploy keycloak:-

cd ../keycloak/postgres

helm repo add bitnami https://charts.bitnami.com/bitnami

// Create PVs
kubectl apply -f pv.yaml,pv1.yaml,pv2.yaml

// deploy postgres
helm install keycloak-db-postgresql bitnami/postgresql -f values.yaml -n keycloak --version 10.12.3

cd ..
kubectl create -f https://raw.githubusercontent.com/operator-framework/operator-lifecycle-manager/master/deploy/upstream/quickstart/crds.yaml
kubectl create -f https://raw.githubusercontent.com/operator-framework/operator-lifecycle-manager/master/deploy/upstream/quickstart/olm.yaml

git clone https://github.com/keycloak/keycloak-operator
cp operator.yaml keycloak-operator/deploy/
cd keycloak-operator
make cluster/prepare
kubectl apply -f deploy/operator.yaml -n keycloak
cd ..
kubectl apply -f keycloak-db-secret.yaml -n keycloak
kubectl apply -f custos-keycloak.yaml -n keycloak

// Replace hostname in ingress.yaml
kubectl apply -f ingress.yaml -n keycloak

// get admin password
kubectl get secret credential-custos-keycloak -o yaml -n keycloak
echo "paste_password_base64" | base64 --decode

6. Deploy consul

• Follow these steps on each node:-

cd /
sudo mkdir hashicorp
sudo mkdir hashicorp/consul
sudo mkdir hashicorp/consul/data
sudo chmod 777 -R hashicorp

• After that on master:-

cd ~/scapsulators/consul
kubectl apply -f pv.yaml,pv1.yaml
kubectl apply -f storage.yaml
helm install consul hashicorp/consul --version 0.31.1 -n vault --values config.yaml

7. Deploy vault

helm install vault hashicorp/vault --namespace vault -f values.yaml --version 0.10.0

// Change Hostname in ingress.yaml
// Deploy ingress
kubectl apply -f ingress.yaml -n vault

Open js-169-114.jetstream-cloud.org and follow instructions to unlease vault

Now we can see vault-0 is up:-

8. Deploy MySQL

cd ../mysql
kubectl apply -f pv.yaml,pv1.yaml
helm install mysql bitnami/mysql -f values.yaml -n custos --version 8.8.8