UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit 14ca4b2f authored by Christopher McGrath's avatar Christopher McGrath Committed by Micah Nagel
Browse files

Quickstart fixes

parent 39e14cee
No related branches found
No related tags found
1 merge request!964Quickstart fixes
Hide whitespace changes
Inline Side-by-side
docs/guides/deployment_scenarios/quickstart.md
+ 34
42
View file @ 14ca4b2f
......@@ -264,37 +264,29 @@ Note: This guide follows the DevOps best practice of left-shifting feedback on m
```shell
# [ubuntu@Ubuntu_VM:~]
# ECK implementation of ElasticSearch needs the following or will see OOM errors
# Needed for ECK to run correctly without OOM errors
sudo sysctl -w vm.max_map_count=524288
# Alternatively can use:
# echo 'vm.max_map_count=524288' | sudo tee -a /etc/sysctl.d/vm-max_map_count.conf
# SonarQube host OS pre-requisites
# Needed by Sonarqube
sudo sysctl -w fs.file-max=131072
# Alternatively can use:
# echo 'fs.file-max=131072' | sudo tee -a /etc/sysctl.d/fs-file-max.conf
# Also Needed by Sonarqube
ulimit -n 131072
ulimit -u 8192
# Needed for ECK to run correctly without OOM errors
echo 'vm.max_map_count=524288' > /etc/sysctl.d/vm-max_map_count.conf
# Needed by Sonarqube
echo 'fs.file-max=131072' > /etc/sysctl.d/fs-file-max.conf
# Load updated configuration
sysctl --load
# Alternative form of above 3 commands:
# sudo sysctl -w vm.max_map_count=524288
# sudo sysctl -w fs.file-max=131072
# Needed by Sonarqube
ulimit -n 131072
ulimit -u 8192
sudo sysctl --load
# Preload kernel modules required by istio-init, required for SELinux enforcing instances using istio-init
modprobe xt_REDIRECT
modprobe xt_owner
modprobe xt_statistic
# Preload kernel modules, required by istio-init running on SELinux enforcing instances
sudo modprobe xt_REDIRECT
sudo modprobe xt_owner
sudo modprobe xt_statistic
# Persist modules after reboots
# Persist kernel modules settings after reboots
printf "xt_REDIRECT\nxt_owner\nxt_statistic\n" | sudo tee -a /etc/modules
# Kubernetes requires swap disabled
......@@ -413,14 +405,14 @@ cd ~
git clone https://repo1.dso.mil/platform-one/big-bang/bigbang.git
cd ~/bigbang
# Checkout version 1.15.0 of Big Bang
# (Pinning to specific versions is a DevOps best practice)
git checkout tags/1.15.0
# Checkout version 1.17.0 of Big Bang
# (Pinning to specific version to improve reproducibility)
git checkout tags/1.17.0
git status
```
```console
HEAD detached at 1.15.0
HEAD detached at 1.17.0
```
> HEAD is git speak for current context within a tree of commits
......@@ -555,7 +547,7 @@ EOF
```shell
# [ubuntu@Ubuntu_VM:~]
helm upgrade --install bigbang $HOME/bigbang/chart \
--values $HOME/bigbang/chart/ingress-certs.yaml \
--values https://repo1.dso.mil/platform-one/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
--values $HOME/ib_creds.yaml \
--values $HOME/demo_values.yaml \
--namespace=bigbang --create-namespace
......@@ -569,8 +561,8 @@ Explanation of flags used in the imperative helm install command:
`bigbang $HOME/bigbang/chart`
: bigbang is the name of the helm release that you'd see if you run `helm list -n=bigbang`. `$HOME/bigbang/chart` is a reference to the helm chart being installed.
`--values $HOME/bigbang/chart/ingress-certs.yaml`
: References demonstration HTTPS certificates embedded in the public repository. The *.bigbang.dev wildcard certificate is signed by Let's Encrypt, a free public internet Certificate Authority.
`--values https://repo1.dso.mil/platform-one/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml`
: References demonstration HTTPS certificates embedded in the public repository. The *.bigbang.dev wildcard certificate is signed by Let's Encrypt, a free public internet Certificate Authority. Note the URL path to the copy of the cert on master branch is used instead of `$HOME/bigbang/chart/ingress-certs.yaml`, because the Let's Encrypt certs expire after 3 months, and if you deploy a tagged release of BigBang, like 1.15.0, the version of the cert stored in the tagged git commit / release of Big Bang could be expired. Referencing the master branches copy via URL ensures you receive the latest version of the cert, which won't be expired.
`--namespace=bigbang --create-namespace`
: Means it will install the bigbang helm chart in the bigbang namespace and create the namespace if it doesn't exist.
......@@ -626,18 +618,18 @@ Explanation of flags used in the imperative helm install command:
* `helm list -n=bigbang` should also show STATUS deployed
```console
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
bigbang bigbang 1 2021-08-31 16:50:39.336392871 +0000 UTC deployed bigbang-1.15.0
eck-operator-eck-operator eck-operator 1 2021-08-31 16:21:12.546012077 +0000 UTC deployed eck-operator-1.6.0-bb.2 1.6.0
gatekeeper-system-gatekeeper gatekeeper-system 1 2021-08-31 16:21:13.146595333 +0000 UTC deployed gatekeeper-3.5.1-bb.16 v3.5.1
istio-operator-istio-operator istio-operator 1 2021-08-31 16:21:12.726676226 +0000 UTC deployed istio-operator-1.9.7-bb.1
istio-system-istio istio-system 1 2021-08-31 16:44:07.776386128 +0000 UTC deployed istio-1.9.7-bb.0
jaeger-jaeger jaeger 1 2021-08-31 16:25:17.733322853 +0000 UTC deployed jaeger-operator-2.23.0-bb.1 1.24.0
kiali-kiali kiali 1 2021-08-31 16:25:14.314905637 +0000 UTC deployed kiali-operator-1.37.0-bb.3 1.37.0
logging-cluster-auditor logging 1 2021-08-31 16:25:33.628134776 +0000 UTC deployed cluster-auditor-0.3.0-bb.6 1.16.0
logging-ek logging 1 2021-08-31 16:22:12.609559643 +0000 UTC deployed logging-0.1.20-bb.0 7.13.4
logging-fluent-bit logging 1 2021-08-31 16:22:41.467862784 +0000 UTC deployed fluent-bit-0.16.1-bb.0 1.8.1
monitoring-monitoring monitoring 1 2021-08-31 16:22:26.03075708 +0000 UTC deployed kube-prometheus-stack-14.0.0-bb.8 0.46.0
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
bigbang bigbang 1 2021-10-07 19:16:13.990755769 +0000 UTC deployed bigbang-1.17.0
eck-operator-eck-operator eck-operator 1 2021-10-07 19:16:18.300583454 +0000 UTC deployed eck-operator-1.6.0-bb.2 1.6.0
gatekeeper-system-gatekeeper gatekeeper-system 1 2021-10-07 19:16:20.783813062 +0000 UTC deployed gatekeeper-3.5.2-bb.1 v3.5.2
istio-operator-istio-operator istio-operator 1 2021-10-07 19:16:20.564511742 +0000 UTC deployed istio-operator-1.10.4-bb.1
istio-system-istio istio-system 1 2021-10-07 19:17:18.267592579 +0000 UTC deployed istio-1.10.4-bb.3
jaeger-jaeger jaeger 1 2021-10-07 19:29:15.866513597 +0000 UTC deployed jaeger-operator-2.23.0-bb.2 1.24.0
kiali-kiali kiali 1 2021-10-07 19:29:14.362710144 +0000 UTC deployed kiali-operator-1.39.0-bb.2 1.39.0
logging-cluster-auditor logging 1 2021-10-07 19:20:55.145508137 +0000 UTC deployed cluster-auditor-0.3.0-bb.7 1.16.0
logging-ek logging 1 2021-10-07 19:17:50.022767703 +0000 UTC deployed logging-0.1.21-bb.0 7.13.4
logging-fluent-bit logging 1 2021-10-07 19:29:42.290601582 +0000 UTC deployed fluent-bit-0.16.6-bb.0 1.8.6
monitoring-monitoring monitoring 1 2021-10-07 19:18:02.816162712 +0000 UTC deployed kube-prometheus-stack-14.0.0-bb.10 0.46.0
```
## Step 12: Edit your workstation's Hosts file to access the web pages hosted on the Big Bang Cluster
......@@ -706,7 +698,7 @@ addons:
EOF
helm upgrade --install bigbang $HOME/bigbang/chart \
--values $HOME/bigbang/chart/ingress-certs.yaml \
--values https://repo1.dso.mil/platform-one/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
--values $HOME/ib_creds.yaml \
--values $HOME/demo_values.yaml \
--values $HOME/tinkering.yaml \
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI