Info

This document is not to be used for all production or POC deployment.


...

Please check here for installation requirements

K3s Installation

Installation

All the commands in this runbook were tested as root on a VM running Canonical Ubuntu 20.04 LTS (amd64).

  1. Install K3s and wait for the pods to become ready:

    curl -sfL https://assets.master.k3s.getvisibility.com/k3s/k3s.sh | INSTALL_K3S_VERSION="v1.2326.910+k3s1" K3S_KUBECONFIG_MODE="644" sh -s - server --node-name=local-01
    kubectl get deploy -n kube-system --output name | xargs -n1 -t kubectl rollout status -n kube-system
  2. Install Helm 3:

    wget --quiet https://raw.githubusercontent.com/helm/helm/master/scripts/get -O /tmp/get_helm.sh \
    && chmod 0755 /tmp/get_helm.sh \
    && /tmp/get_helm.sh -v v3.8.2
  3. Configure GetVisibility private Docker image registry (replace $USERNAME and $PASSWORD with the Docker credentials provided):

    kubectl create secret docker-registry gv-docker-registry \
      --docker-server=https://images.master.k3s.getvisibility.com \
      --docker-username=$USERNAME \
      --docker-password=$PASSWORD \
      --docker-email=no@email.com
  4. Configure GetVisibility private Helm repository (replace $USERNAME and $PASSWORD with the Helm credentials provided):

    helm repo add gv_stable https://charts.master.k3s.getvisibility.com/stable --username $USERNAME --password $PASSWORD
    helm repo update
    

  5. Install chart GetVisibility Essentials and wait for the pods to become ready.
    If you are installing Focus or Enterprise append --set eck-operator.enabled=true to the upgrade command in order to enable ElasticSearch.

    For Synergy (32 GB RAM machines), replace IPADDRESS/DNS/FQDN in keycloak.url= with the IP address, FQDN or DNS name for Keycloak, in a format like
    https://192.168.10.1 or https://gv.domain.local or https://gv.getvisibility.com

    helm upgrade --install gv-essentials gv_stable/gv-essentials --wait \
    --timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
    --set eck-operator.enabled=true --set eck-operator.settings.cpu=1 \
    --set eck-operator.settings.memory=1 --set eck-operator.settings.storage=40 \
    --set updateclusterid.enabled=false --set keycloak.url=IPADDRESS/DNS/FQDN

    kubectl get deploy --output name | xargs -n1 -t kubectl rollout status

    For Focus and Enterprise (48+ GB RAM machines), replace IPADDRESS/DNS/FQDN in keycloak.url= with the IP address, FQDN or DNS name for Keycloak, in a format like
    https://192.168.10.1 or https://gv.domain.local or https://gv.getvisibility.com

    helm upgrade --install gv-essentials gv_stable/gv-essentials --wait \
    --timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
    --set eck-operator.enabled=true --set eck-operator.settings.cpu=8 \
    --set eck-operator.settings.memory=20 --set eck-operator.settings.storage=160 \
    --set updateclusterid.enabled=false --set keycloak.url=IPADDRESS/DNS/FQDN

    kubectl get deploy --output name | xargs -n1 -t kubectl rollout status
  6. Depending on the theme you want to use, run one of the commands below to install the chart GV Platform (don’t forget to replace $PRODUCT with either synergy or focus or enterprise):

    1. GetVisibility theme:

      helm upgrade --install gv-platform gv_stable/gv-platform --wait \
      --timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
      --set-string clusterLabels.environment=prod \
      --set-string clusterLabels.cluster_reseller=getvisibility \
      --set-string clusterLabels.cluster_name=mycluster \
      --set-string clusterLabels.product=$PRODUCT
    2. Forcepoint theme:

      helm upgrade --install gv-platform gv_stable/gv-platform --wait \
      --timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
      --set-string clusterLabels.environment=prod \
      --set-string clusterLabels.cluster_reseller=forcepoint \
      --set-string clusterLabels.cluster_name=mycluster \
      --set-string clusterLabels.product=$PRODUCT
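
An added example, not part of the original runbook or GetVisibility's own tooling: steps 3 and 4 performed without placing the passwords in command-line arguments or shell history. The function names are hypothetical; the registry and chart URLs and the secret name are the ones used above.

```shell
#!/usr/bin/env bash
# Added example (assumption: bash, kubectl and helm as installed in steps 1-2).
set -u

# Escape backslashes and double quotes so a value is safe inside a JSON string.
json_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Build the .dockerconfigjson document that "kubectl create secret
# docker-registry" would otherwise assemble from its --docker-* arguments.
docker_config_json() {  # args: server username password
  local auth
  auth=$(printf '%s:%s' "$2" "$3" | base64 | tr -d '\n')
  printf '{"auths":{"%s":{"username":"%s","password":"%s","auth":"%s"}}}' \
    "$(json_escape "$1")" "$(json_escape "$2")" "$(json_escape "$3")" "$auth"
}

# Step 3: the password is prompted for (no echo) and reaches kubectl through
# a mode-0600 temporary file instead of --docker-password.
create_registry_secret() {  # args: username
  local pass tmp rc
  read -r -s -p "Registry password: " pass; echo
  tmp=$(mktemp) || return 1
  docker_config_json "https://images.master.k3s.getvisibility.com" "$1" "$pass" > "$tmp"
  kubectl create secret generic gv-docker-registry \
    --type=kubernetes.io/dockerconfigjson \
    --from-file=.dockerconfigjson="$tmp"
  rc=$?
  rm -f "$tmp"
  return "$rc"
}

# Step 4: helm reads the password from stdin instead of --password.
add_helm_repo() {  # args: username
  local pass
  read -r -s -p "Helm repository password: " pass; echo
  printf '%s' "$pass" | helm repo add gv_stable \
    https://charts.master.k3s.getvisibility.com/stable \
    --username "$1" --password-stdin
}

# Usage: create_registry_secret "$USERNAME" && add_helm_repo "$USERNAME" && helm repo update
```

The resulting secret has the same type and content layout as the one created by kubectl create secret docker-registry, so the charts consume it unchanged.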

...

In order to upgrade the essential services (e.g. Postgres, Kafka, MongoDB, Consul) run helm repo update and then the same command you used in step 5.

Synergy/Focus/Enterprise

In order to upgrade Synergy/Focus/Enterprise run helm repo update and then the same command you used in step 6.

Monitoring

You can optionally also install monitoring tools to collect metrics and logs of all services that are running inside the cluster:

  1. Install the CRDs:

    helm upgrade --install rancher-monitoring-crd gv_stable/rancher-monitoring-crd --wait \
    --kubeconfig /etc/rancher/k3s/k3s.yaml \
    --namespace=cattle-monitoring-system \
    --version=100.16.26+up19.0.518 \
    --create-namespace
    
  2. Install the monitoring tools:

    helm upgrade --install rancher-monitoring gv_stable/rancher-monitoring --wait \
    --kubeconfig /etc/rancher/k3s/k3s.yaml \
    --namespace=cattle-monitoring-system \
    --version=100.16.26+up19.0.518 \
    --set k3sServer.enabled=true \
    --set k3sControllerManager.enabled=true \
    --set k3sScheduler.enabled=true \
    --set k3sProxy.enabled=true \
    --set prometheus.retention=5

To access the Grafana dashboard, run the command kubectl port-forward svc/rancher-monitoring-grafana -n cattle-monitoring-system 3001:80 --address='0.0.0.0' (the --address='0.0.0.0' option makes the forwarded port listen on all of the server's network interfaces) and open http://$SERVER_IP:3001 in your browser.

To access the Prometheus dashboard, run the command kubectl port-forward svc/rancher-monitoring-prometheus -n cattle-monitoring-system 3001:9090 --address='0.0.0.0' (again listening on all of the server's network interfaces) and open http://$SERVER_IP:3001 in your browser.

Info

To expose Grafana via an ingress on the path /grafana (allowing access through https://IPADDRESS_or_DNSNAME/grafana), add the following flag to the monitoring installation command:

--set global.grafana_ingress.enabled=true

Info

Add --debug to any helm upgrade command to show exactly what it’s waiting for. This is particularly useful to troubleshoot timeout limit exceeded errors.