Skip to content

Latest commit

 

History

History
89 lines (80 loc) · 3.16 KB

README.md

File metadata and controls

89 lines (80 loc) · 3.16 KB

Deploy Seeker Server on Kubernetes

Deploy the Seeker server on Kubernetes using the Iron Bank registry.

Prerequisites

  • A Kubernetes cluster version 1.19 or higher
  • Helm version 2.x/3.x

To deploy the Seeker server on Kubernetes, perform the following steps:

Deploy the Seeker images to a Kubernetes cluster.

  1. Clone the Seeker helm chart: 
    git clone https://github.com/synopsys-sig/seeker-k8s
cd seeker-k8s
  2. Create the Seeker Namespace: 
    kubectl create ns seeker

Use the following installation options:

  1. Create a secret that will hold your database password. a. Create a secret.yaml. Use the following pattern, substituting the dbpass value with your password encoded with base64. 
    apiVersion: v1
kind: Secret
metadata:
  name: seeker-dbpass
  namespace: seeker
type: Opaque
data:
  dbpass: dGVzdAo=
    b. Deploy secret.yaml. 
    kubectl -n seeker apply -f secret.yaml
  2. Create a docker registry sercret to pull the Seeker images from ironbank: 
    kubectl -n seeker create secret docker-registry regcred \
   --docker-server=registry1.dso.mil \
   --docker-username=user \
   --docker-password=password
  3. Install the Seeker chart (default). 
    helm install --namespace seeker --set imagePullSecrets=regcred --set externalDatabasePasswordSecret=seeker-dbpass seeker ./seeker
  4. Install with sizing restrictions.
    Depending on your deployment size, use the following command with the corresponding file name, for example, medium.yaml. 
    helm install --namespace seeker --set imagePullSecrets=regcred --set externalDatabasePasswordSecret=seeker-dbpass -f medium.yaml seeker ./seeker
    To choose the appropriate size, see Sizing Guidelines.
  5. Install with a user-managed database: 
    helm install \
   --namespace seeker \
   --set imagePullSecrets=regcred \
   --set seekerManagedDatabase.enabled=false \
   --set externalDatabaseHost=database-host \
   --set externalDatabasePort=5432 \
   --set externalDatabaseName=seeker-db \
   --set externalDatabaseUsername=seeker-user \
   --set externalDatabasePasswordSecret=seeker-dbpass \
   -f medium.yaml \
   seeker ./seeker

Next Steps

The deployment might take a few minutes to complete. Once completed, verify its results.

kubectl get pods -n seeker

You should see an output similar to this:

NAME                               READY   STATUS    RESTARTS   AGE
seeker-nginx-d744bdf9d-jz2q6       1/1     Running   0          50s
seeker-postgres-7ccb44cdd7-6wqq5   1/1     Running   0          50s
seeker-sensor-5c474bf4f-dw2dr      1/1     Running   0          50s
seeker-server-67df999d68-m7zjt     1/1     Running   0          50s

Note:
If you are using a single-node Kubernetes cluster, such as the one available when running Docker on a personal computer, the Seeker container exposes the 30080 (HTTP) and 30443 (HTTPS) ports of your cluster.

For multi-node Kubernetes clusters, configure your ingress controller to route external traffic to the Seeker service inside your cluster.