DES Kubernetes deployment¶
This document describe the installation on Kubernetes of the Digital Enterprise Server
Prerequisites¶
Kubernetes environment
kubectl with a valid configuration connected to an existing cluster
A running reverse proxy (we recommend nginx)
Load balancer configured with a public ip address
Cert manager for Let’s Encrypt (optional, certificate can be manually configured)
Trisotech License
Latest helm chart (contact support@trisotech.com)
Digital Enterprise Server deployment¶
The Digital Enterprise Server deployment use a Helm chart which template Kubernetes yaml files. Options can be set using ‘--set <option>=<value>’. Here is a simplified list of options:
Option |
Description |
|---|---|
image.tag* |
tag of the image (v12.7.2 as of this writting) |
image.repository |
repository of the image if using an external registry |
image.maintenanceImage |
repository of the maintenance image if using an external registry |
image.pullSecrets |
name of the pull secret if using an external registry |
license |
Trisotech Digital Enterprise Suite license |
ingress.hosts[0]* |
domain name of the main ingress |
ingress.tls [False] |
enable tls for the ingress[es] |
storage.size [30Gi] |
size of the dynamically created volume |
storage.storageClassName |
Storage Class name (Set a non-default StorageClass) |
timezone [UTC] |
system timezone (see /usr/share/zoneinfo/ for available zones) |
Warning
storage.size could only be updated if supported by the storage class (see ALLOWVOLUMEEXPANSION value with kubectl get sc)
Other advanced configurations are possible, see Digital Enterprise Server - Advanced Configurations.
Deploy the Digital Enterprise Server using the Trisotech registry:
helm upgrade --install \
--set image.tag=<TAG> \
--set licence=<LICENSE> \
--set ingress.hosts[0]=<DNS NAME> \
--set ingress.tls=true \
--wait \
--namespace=des \
--create-namespace \
--atomic \
des des-<TAG>.tgz
Deploy the Digital Enterprise Server using an external docker registry:
docker login registry.trisotech.com -u user -p <LICENSE>
docker pull registry.trisotech.com/des/platform:<TAG>
docker pull registry.trisotech.com/des/engine:<TAG>
docker pull registry.trisotech.com/des/scripts:latest
docker tag registry.trisotech.com/des/platform:<TAG> <EXTERNAL REGISTRY>/des/platform:<TAG>
docker tag registry.trisotech.com/des/engine:<TAG> <EXTERNAL REGISTRY>/des/engine:<TAG>
docker tag registry.trisotech.com/des/scripts:latest <EXTERNAL REGISTRY>/des/scripts:latest
docker push <EXTERNAL REGISTRY>/des/platform:<TAG>
docker push <EXTERNAL REGISTRY>/des/engine:<TAG>
docker push <EXTERNAL REGISTRY>/des/scripts:latest
helm upgrade --install \
--set image.tag=<TAG> \
--set image.repository=<EXTERNAL REGISTRY>/des/platform \
--set maintenanceImage=<EXTERNAL REGISTRY>/des/scripts:latest \
--set ingress.hosts[0]=<DNS NAME> \
--set ingress.tls=true \
--wait \
--namespace=des \
--create-namespace \
--atomic \
des des-<TAG NUMBER>.tgz
Upgrade procedure¶
The DES upgrade is done using the helm --reuse-values parameter which ensure previous configuration is keep. Any new option can be added / changed using --set option=value parameter. Here is an example of an upgrade which change the DES image tag:
helm upgrade \
--reuse-values \
--set image.tag=<TAG> \
--wait \
--namespace=des \
--atomic \
des des-1.0.0.tgz
Warning
Make sure you use a numbered version and not latest because it allows to rollback to a previous deployment in case of errors (using latest will rollback to the same image). Using latest can also result in running a newer image if the pod is evicted because the default pull policy forces a check to the registry before restarting the pod.