Skip to main content

Dependencies Deployment

Why is Kobil providing dependency Chart Package

with dependency files (previously known as mBattery) the following Services/Technologies are available per meta-chart

Ingress-Controller - to be enabled as daemon-set at node-level for the target k8s cluster

Cert-Manager - to enable Let's Encrypt signed Certificates for the TLS-endpoint hosted on the ingress-controller.

Prometheus - collecting metrics from target by scraping metrics http endpoints. functional split into: retrieval (pulling metrics data), storage (storing into configure "time-series DB service" (loki)), http/server (accepting queries / interface for additional services)

Promtail - logfile grabber to retrieve STDOUT/STDERR stream at node-level forwarding the log-data into a "time-series DB service" (loki)

Loki - "time series Database Service"

Grafana - http-server/service acting as UI for logs, traces, metrics with Dashboard capabilities

Based on the default dependency meta-configuration file "values.yaml" find the main structure as follows (covering the main sections "global", "ingress", "certs", "store" and "monitoring":

dependency

Section: "global"

Covered by the "global" section find the important "global:storgeClass" and "global:ingress:domain" settings.
Verify at cluster level which "storageClass" (kubectl get sc) is available for volume provisioning. This is required in case you would like to use "in_k8s_cluster" hosted DB-services.

Section: "ingress"

Covered by the "ingress" section is the option/parameter "ingress:enabled: true|false" to enable deployment of a ingress-controller daemon-set at node-level.
In case of existing Ingress-Controller services in the targeted kubernetes cluster, you may have to disable/enable:false the Ingress-controller deployment.

Section: "certs"

Covered by the "certs" section find the configuration setup to enable Cert-Manager functionality - which could be used utilizing Let's Encrypt services for Certificate signing. The Certificates are then used by default for configuration of the TLS-endpoint implemented on the ingress-controller implementation. As an initial test-setup make use of setting "certs:issuer:type:selfsigned".

Section: "store"

The "store" section would become most important in case you would like to setup a "sandbox" install for dependency+mPower for providing all required DB-services inside the target kubernetes cluster.
The "store" sections allows to enable deployment for different DB-service later on then used by the Kobil services deployment with the Kobil mPower Chart package. As per Kobil Service requirement you may deploy a MYSQL-DB for the Security Server-service, a PostGres for the IDP plus a Mongo-DB for the SCP-services. In addition my may enable elasticsearch and/or redis.

At production level install/deployment Kobil recommends to make use of external managed DB-services (not using k8s-cluster internal hosted DB-service) to ensure data-integrity and service availability.
Still - some DB-services are at operational level servicing "non persistent data" and are potentially fine to be hosted within a reliable k8s-cluster runtime (i.e. the redis or elasticsearch "DB"-service).

Section: "monitoring"

Covered by the "ingress"

Dependencies meta-config chart file "values.yaml" configuration parameter

Dependencies meta-chart/service dependency to mPower meta-chart configuration

Using mPower meta-config - monitoring: prometheus: serviceMonitor: enabled: true – requires Dependencies: