3.3. Installing via Kubernetes using helm

Kubernetes installation via helm uses a declarative approach to configuring the Dashboard. To get started, you need to adjust the values.yaml or your custom yaml file to define settings before you run the installation script.

Declare the clusters:

Find the following line in the values.yaml file:

clusters: []

Replace the line with a configuration that matches your clusters. For example:

clusters: 
  - host: "db1.example.com"
    namespace: "dev"
    apiUser: "sample-user"
    apiPassword: "<clear-text-password>"
    tcpPort: 11999
    apiPort: 8090
    apiSsl: true
    ssl: true
    cert: "<base64-encoded-certificate>"
    apiCert: "<base64-encoded-certificate>"
    hostnameValidation: true

Warning

In v8.0.0 the keys above should be in kebab-case, for example api-user, api-password etc.

From v8.0.1 onwards all keys are unified and should be in camelCase, for example apiUser, apiPassword etc

You can add as many clusters as you'd like using the "- <cluster>" syntax.

Note

While in this file the passwords are clear text, they are encrypted using the DASHBOARD_SECRET either defined manually, or generated automatically during installation. Values within the deployed installation will be encrypted.

If you are using hostnames that cannot be resolved, for example db1, db2 etc, in the tungsten.ini file, you can associate them with their corresponding IP address in a hostAliases in the values.yaml file as shown in the below example:

hostAliases:
  - ip: "10.0.0.2"
    hostnames:
    - "db1"

This configuration will then properly modify the /etc/hosts file in the Kubernetes environment.

Declare the Application Configuration:

Next, adjust the application configuration as necessary. See Section A.3, “The values.yaml file” for more details on each setting. Note that the configs here are in camelCase while in the final JSON they're snake_case

config: 
  env: "production"
  version: "8.0.0"
  configPath: "/app/persistent/"
  logType: "console-edn"
  helm: true
  domain: ""  
  path: "" 
  port: 4090 
  ssl: false
  sslPort: 4091
  browserPort: 4090
  clustersConnectOnStart: false
  topologyStartupDiscover: false
  topologyCleanOnExit: false
  defaultRestPort: 8090 
  defaultTcpPort: 11999
  hostnameValidation: true
  restTimeout: 15000

In the configuration take note of the following 5 values: domain, port, browserPort, path and restTimeout.

  • If you leave the domain and path empty, you'll be prompted for them in the install.

  • port is the application's port that the webserver responds to, while browserPort is used in the base url for the browser.

  • Normally you don't need to change the application port but you might need to change the browserPort to match your Ingress settings.

  • For restTimeout consider increasing it for big clusters or clusters under heavy loads for a more reliable connection in the start-up phase. The indicated value is in milliseconds.

User Credentials:

Adjust the default user credentials or be prompted for a default user during installation. The install.pl script itself creates only one user, if you want multiple users define them here.

users: 
  - role: admin # currently only admin role is supported.
    username: jane-doe
    password: <clear-text-password>

Passwords in yaml file are provided as clear text, during installation they're encrypted and final users.json will have hashed passwords on the server.

Configure Ingress (if required):

Important

Dashboard does not install Ingress-Controllers by default! You must install the ingress controller yourself before installing the Dashboard. Dashboard only deploys an ingress resource to the cluster under it's own namespace. Without a controller this resource does nothing.

To enable Dashboard-specific ingress locate the following entries and adjust accordingly:

ingress:
  enabled: false # When true, creates dashboard ingress resource

  # You must create the IngressClass and then add it here.
  # Example of a controller: nginx see https://github.com/kubernetes/ingress-nginx for more information
  className: "" # ingressClassName ie. nginx

  # use config field's domain, path and port for ingress.
  # to fully control your setup set this to false and specify extraHosts.
  hostFromConfig: true

  # TLS config for ingress.
  # To use this create a secret with any name and add it here.
  # The secret must contain both base64 encoded certificate and the key as base64 encoded values.
  # See https://kubernetes.io/docs/concepts/services-networking/ingress/#tls for more
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
  • Change ingress.enabled to true if you want to create ingress resource

  • Add the className of your index controller, i.e. nginx

  • Update tls section with your tls secret and the Hosts field should match config.domain

Begin Installation

Below is an example of installing Tungsten Dashboard using the install.pl script:

shell> cd /opt/continuent/software/tungsten-dashboard-8.0.1-82
shell> ./install.pl -m kubernetes

The installation will prompt for a number of configuration items, such as usernames, passwords, whether or not to use HTTPS or not. Each prompt will provide details along with the default values.

Note

During this installation, the script will post yaml files to the cluster using the kubernetes syntax you provided via the helm installation logic. These yaml files are generated using the helm templating syntax fed by the values.yaml file.

Helm moves the values you give into the proper yaml file while kubernetes declares what yaml syntaxes and values in those syntaxes are available.

If you encounter issues during the installation start by inspecting the yaml posted to kubernetes and validating it against kubernetes documentation.

Important

It is recommended to keep a safe backup of the values.yaml file as this may be needed as a template when upgrading the Tungsten Dashboard version.

3.3.1. Uninstall

To uninstall Tungsten Dashboard, simply execute the following:

shell> helm uninstall tungsten-ui --namespace tungsten-ui

Additionally if you do not wish to keep the data from the dashboard run:

shell> kubectl -n tungsten-dashboard delete secret tungsten-dashboard-secret;
# check if tungsten-dashboard-vol exists.
shell> kubectl -n tungsten-dashboard get pvc;
# if it does, remove it with:
shell> kubectl -n tungsten-dashboard delete pvc tungsten-dashboard-vol;

Warning

Deleting or changing the secret without deleting the data will prevent users from logging in and the dashboard from making any connections, effectively locking you out of the system. If this happens to you remove the users.json file and restart the dashboard application. This will recreate the default user for you.