KOBIL Shift configuration and deloyment
Shift configuration and installation
Scope: Initial and sufficient configuration for the KOBIL "shift" metaconfiguration file "values.yaml" for installation of KOBIL Shift.
Configuration for the KOBIL Shift deployment is done by editing the metaconfiguration file "values.yaml" only for the KOBIL Shift charts (and is not related to the KOBIL Shift-Operator Charts/configuration).
Pulling the KOBIL Shift Chart metconfiguration file "values.yaml"
You may download the full KOBIL Shift Chart package - and extracting
this covering then the metaconfiguration-file "values.yaml" for KOBIL
Shift in the root-directory
You may pull the KOBIL Shift "values.yaml" directly (and only this -
by running command: helm show values kobil/shift > ./values.yaml )
Editing the KOBIL Shift Chart metconfiguration file "values.yaml"
When editing the Shift "values.yaml" - find main sections (also see Shift Configuration and Installation: Parameter Reference):
Global Section - most important edits are:
- add the "image pull secrets" to the target namespace where Shift-Operator and Shift will be deployed to (image-pull-secret is required in the namespace).
- configure the "routing" section (here to decide using ingress with tlsSecret) (here to enable istio with gateways)
- configure the
global.routing.domainparameter appropriate to your Domain configuration (prepare for this first) - enable the Prometheus CRD "servicemonitor" to propagate the KOBIL Shift metrics endpoints
Common Section - most important edits are:
- set
existingSecretDatastoreCredentialsandexistingSecretAdminCredentialswhen using secrets to cover the credential-sets. See [README.md] for details and the required structure.
Following the global section the sections for the each service follows. Here to set the specific parameter per service - this covers:
- per service to set enabled: true|false for deployment. Main components in the KOBIL Shift Suite are IDP, SmartScreen, SmartDashboard, SCP and AST services.
- set initial credentials for the services configured at time of deployment - i.e. setting the database-service credentials
Find here sample for the global section switches to enable the main KOBIL Shift service components:
Part of "values.yaml" for KOBIL Shift
# -- IDP specific global values
idp:
enabled: true
# -- Smartscreen specific global values
smartscreen:
enabled: true
# -- Smartdashboard specific global values
smartdashboard:
enabled: true
# -- AST services specific global values
asts:
enabled: true
Following the "global" section below finding the "Component Sections" - most important edits for these are:\
- add the "database specifications" (host, port, user, password, ,,, ) configuration. Find more details here: [Configure Database Services for KOBIL Shift]
Customization for KOBIL Shift Charts for specific deployment
One important feature for the KOBIL Shift-Operator is the
valuesOverride functionality which allows to adopt the parameters
(key:values) from KOBIL Shift Services/Sub-charts i.e. when loading
custom images. This is explained here: [Customizing Shift Chart settings]
Ahead of i.e. specific custom images it may require to make use of a specific "Chart" version to cover required extensions/coding for a custom image (as per above) in case of very specific customization. To load a related specific customized chart version for this the default version for the sub-chart needs is modified by specific configuration chart-version - see here: Loading custom Charts for Shift
Deploying the KOBIL Shift by "helm install" command
Once editing for KOBIL Shift metaconfiguration-file "values.yaml" is completed, the KOBIL Shift services are deployed running helm install command:
Then run the helm install - see sample commands here:
helm install <release_name> -f <metaconfiguration-file> -n <shift_namespace> <repository-name> \
--version <version_number>
# Sample commands:
helm install shift -f ./values.yaml -n kobilshift kobil/shift
helm install kobilshift -f ./ecosys-values.yaml -n ecosystem1 \
kobil/shift --version 0.70.0 2>&1 | tee kobilshift.install.out
Verify the KOBIL Shift deployment
Once Shift-Operator is deployed and you have to run the "helm install shift" which is triggering the Shift-Operator to execute the deployment. Please wait until the Shift-Operator has completed by background processing. Check with "helm list" the background processing finding the Shift-Operator applied services packages. This may take few minutes.
kubectl get deployments -n <shift-namespace\>
kubectl get servicegroups -n <shift-namespace\>
helm list # to see applied KOBIL services by Shift Operator
Successful deployment is indicated by "helm list" reporting all services of the releases for a specified namespace by status "Deployed". Also all the KOBIL Shift Servicegroups are listed for condition "READY" with "true".
Successful SAMPLE Deployment
kubectl get servicegroups
NAME READY SERVICES
kobilshift-ast true {"ast-client-properties":{"chart":"ast-client....
kobilshift-idp true {"idp-core":{"chart":"idp-core","version"....
kobilshift-scp true {"scp-addressbook":{"chart":"scp-addressbook....
helm list
NAME REVISION UPDATED STATUS CHART APP
kobilshift-ast-client-properties 202 2023-01-02 10:56:33.32 deployed ast-client-properties-3.6.2 3.6
kobilshift-ast-stream 208 2023-01-02 10:57:03.23 deployed ast-stream-2.2.1 2.2
kobilshift-ast-tms 208 2023-01-02 10:57:17.54 deployed ast-tms-0.14.0 0.2
kobilshift-ast-version 202 2023-01-02 10:57:33.42 deployed ast-version-8.0.0 8.0
kobilshift-astlogin 208 2023-01-02 10:58:45.77 deployed astlogin-4.0.2 4.0
kobilshift-idp-core 206 2022-12-30 15:49:17.78 deployed idp-core-3.3.0 3.3
....
Failed deployment is indicated by ServiceGroup "READY" status is not true - or in the "helm" listing releases are flagged with "failed" STATUS.
Post-Installation required action at infrastructure level
Integrating the KOBIL Shift services to the network infrastructure by using a Service Mesh.
For integrating using ISTIO Service mesh find details here: Exposing Shift to the Network via Istio ServiceMesh
For integrating using RedHat ServiceMesh services find more details here: Using RedHat ServiceMesh instead of community Istio