agility-docs

Install AGILITY on Kubernetes

Architecture

AGILITY components are divided in three groups:

• agility-system
• agility-services
• agility

AGILITY Operator manages agility components synchronizing with the AGILITY Central site.

Prerequisites

Before installing AGILITY, make sure you have the following prerequisites:

• Kubernetes:
  • Admin Permissions. You should have Kubernetes administrative permissions to perform the installation.
  • Dynamic Volume Provisioning. Dynamic volume provisioning for block storage is recommended. When using a cloud-managed cluster, CSI provisioners are most likely available. For on-premises deployments, a solution like rook-ceph might be an alternative. Otherwise, check Appendix A for manual provisioning.
• Local CLI applications
  • helm. Make sure you have helm version 3.8 or higher installed.
  • jq. Make sure you have jq version 1.6 or higher installed.
• B-Yond License. To install AGILITY, you will need the B-Yond license provided by B-Yond customer support.

Please ensure that you have fulfilled all these prerequisites before moving on to the next step.

Helm Charts Download

Contact customer support to determine the version of AGILITY to deploy.

mkdir -p agility-charts && cd agility-charts
export AGILITY_VERSION=3.87.5

Store the B-Yond License on a temporary directory

export BYOND_LICENSE_PATH="/tmp/license.token"
vi ${BYOND_LICENSE_PATH}

Verify jq and helm are available on your laptop (UNIX command)

red='\033[0;31m'
green='\033[0;32m'
clear='\033[0m'
if ! command -v jq 2>&1 > /dev/null; then echo -e "${red}jq.............................ERROR. Please install it before continuing${clear}"; else echo -e "${green}jq.............................OK${clear}"; fi; if ! command -v helm 2>&1 > /dev/null; then echo -e "${red}helm...........................ERROR. Please install it before continuing${clear}"; else echo -e "${green}helm...........................OK${clear}"; fi

Ensure jq and helm binaries meet the required version.

Pull the charts:

export OCI_USERNAME=$(jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .username' ${BYOND_LICENSE_PATH})
export OCI_AUTH_TOKEN=$(jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .password' ${BYOND_LICENSE_PATH})
export OCI_EMAIL=$(jq -rR 'split(".") | .[1] | gsub("-"; "+") | gsub("_"; "/") | gsub("%3D"; "=") | @base64d | fromjson | .imagePullSecret | fromjson | .auths."iad.ocir.io" | .email' ${BYOND_LICENSE_PATH})

rm -rf {agility-system,agility-services,agility}

helm registry login -u "${OCI_USERNAME}" -p "${OCI_AUTH_TOKEN}" iad.ocir.io

helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility-system
helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility-services
helm pull --untar --untardir ./ --version "${AGILITY_VERSION}" oci://iad.ocir.io/idhyugs3p9e3/agility/helm-charts/agility

[Optional] Test environment

Before starting with the installation, you can test your environment by creating a Pod with a PersistentVolumeClaim

1. Create an ephemeral namespace

    kubectl create namespace agility-test
   

2. Create the imagePullSecret to pull images from the B-Yond Container registry:

    kubectl --namespace agility-test create secret docker-registry byond-container-registry-credential \
    --docker-server=iad.ocir.io \
    --docker-username="${OCI_USERNAME}" \
    --docker-password="${OCI_AUTH_TOKEN}" \
    --docker-email="${OCI_EMAIL}"
   

3. Create the PersistentVolumeClaim and Pod definitions

    cat <<EOF | kubectl apply -f -
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: agility-claim
      namespace: agility-test
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 5Gi
    ---
    apiVersion: v1
    kind: Pod
    metadata:
      name: agility-app
      namespace: agility-test
    spec:
      imagePullSecrets:
        - name: byond-container-registry-credential
      containers:
        - name: app
          image: iad.ocir.io/idhyugs3p9e3/agility/bitnami/bitnami-shell:${AGILITY_VERSION}
          command: ["/bin/sh"]
          args: ["-c", "while true; do echo $(date -u) >> /data/out; sleep 5; done"]
          volumeMounts:
            - name: persistent-storage
              mountPath: /data
      volumes:
        - name: persistent-storage
          persistentVolumeClaim:
            claimName: agility-claim
    EOF
   

4. Ensure Pod and PVC are created successfully

5. Remove namespace

    kubectl delete namespace agility-test
   

Deploy agility-system

This component deploys the Kubernetes operators that are required for AGILITY installation:

• PGO Postgres Operator from Crunchy Data
• Strimzi Kafka Operator

To deploy the agility-system chart, follow these steps:

1. Create the imagePullSecret to pull images from the B-Yond Container registry:

    kubectl --namespace kube-system create secret docker-registry byond-container-registry-credential \
    --docker-server=iad.ocir.io \
    --docker-username="${OCI_USERNAME}" \
    --docker-password="${OCI_AUTH_TOKEN}" \
    --docker-email="${OCI_EMAIL}"
   

2. Run the Helm command to deploy agility-system:

    helm --namespace kube-system upgrade --install --create-namespace agility-system ./agility-system
   

Deploy agility-services

The agility-services deployment includes the following components:

• Database engine: PostgreSQL
• Message bus: Kafka
• Object storage: MinIO
• Identity provider: Keycloak
• AGILITY Operator

To deploy the agility-services chart, follow these steps:

1. Create the target namespace (throughout this document is assumed to be agility)

    kubectl create namespace agility
   

2. Create the imagePullSecret docker secret to pull images.

    kubectl --namespace agility create secret docker-registry byond-container-registry-credential \
    --docker-server=iad.ocir.io \
    --docker-username="${OCI_USERNAME}" \
    --docker-password="${OCI_AUTH_TOKEN}" \
    --docker-email="${OCI_EMAIL}"
   

3. Create the MinIO admin secret (ensure you backup this value):

   ℹ️ root-password must be at least 8 characters long.

    kubectl --namespace agility create secret generic agility-s3 \
        --from-literal=root-user=admin --from-literal=root-password=changeit
   

4. Create the Keycloak admin secret (ensure you backup this value):

    kubectl --namespace agility create secret generic agility-keycloak \
        --from-literal=admin-password=changeit
   

5. Create the B-Yond license secret:

    kubectl --namespace agility create secret generic agility-operator \
        --from-file="license.token"=${BYOND_LICENSE_PATH}
   

6. Run the Helm command to deploy agility-services:

    helm --namespace agility upgrade --install --create-namespace agility-services ./agility-services
   

7. Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

   The following is an example:

    kubectl --namespace agility get pods
    NAME                                             READY   STATUS      RESTARTS   AGE
    agility-db-pgbouncer-6f8f46b455-84wxb            2/2     Running     0          3m57s
    agility-operator-767c6c46d7-dmv5z                2/2     Running     0          3m57s
    agility-db-repo-host-0                           2/2     Running     0          3m57s
    agility-minio-5db49f56b7-p2x5l                   1/1     Running     0          3m57s
    agility-minio-provisioning-tst4n                 0/1     Completed   0          3m57s
    agility-kafka-zookeeper-0                        1/1     Running     0          3m53s
    agility-kafka-zookeeper-1                        1/1     Running     0          3m53s
    agility-kafka-zookeeper-2                        1/1     Running     0          3m53s
    agility-keycloak-0                               1/1     Running     0          3m57s
    agility-kafka-kafka-0                            1/1     Running     0          3m10s
    agility-kafka-entity-operator-5fd5c57bf5-kff4p   3/3     Running     0          2m43s
    agility-db-backup-wzwk-5j4mg                     0/1     Completed   0          3m27s
    agility-kafka-kafka-exporter-864646c49d-bx88r    1/1     Running     0          2m20s
    agility-kafka-ui-85b94b6b7d-5sb6l                1/1     Running     0          3m57s
    agility-db-a1-l7ct-0                             5/5     Running     0          3m57s
   

Deploy AGILITY

To deploy the AGILITY application chart, follow these steps:

1. Run the Helm command to deploy AGILITY:

    helm --namespace agility upgrade --install --create-namespace agility ./agility
   

2. Wait until all Pods are in Running or Completed state and all Running items show all expected containers running under READY column.

   The following is an example:

    kubectl --namespace agility get pods
    NAME                                             READY   STATUS      RESTARTS       AGE
    agility-db-pgbouncer-6f8f46b455-84wxb            2/2     Running     0              8m47s
    agility-operator-767c6c46d7-dmv5z                2/2     Running     0              8m47s
    agility-db-repo-host-0                           2/2     Running     0              8m47s
    agility-minio-5db49f56b7-p2x5l                   1/1     Running     0              8m47s
    agility-minio-provisioning-tst4n                 0/1     Completed   0              8m47s
    agility-kafka-zookeeper-0                        1/1     Running     0              8m43s
    agility-kafka-zookeeper-1                        1/1     Running     0              8m43s
    agility-kafka-zookeeper-2                        1/1     Running     0              8m43s
    agility-keycloak-0                               1/1     Running     0              8m47s
    agility-kafka-kafka-0                            1/1     Running     0              8m
    agility-kafka-entity-operator-5fd5c57bf5-kff4p   3/3     Running     0              7m33s
    agility-db-backup-wzwk-5j4mg                     0/1     Completed   0              8m17s
    agility-kafka-kafka-exporter-864646c49d-bx88r    1/1     Running     0              7m10s
    agility-kafka-ui-85b94b6b7d-5sb6l                1/1     Running     0              8m47s
    agility-proxy-redis-cb9fdbc49-w7wsg              1/1     Running     0              2m5s
    agility-autoloader-worker-59bd5f9575-gp6j6       1/1     Running     1 (105s ago)   2m5s
    agility-autoloader-server-d77c7c97d-6262g        1/1     Running     0              2m5s
    agility-data-pipeline-774f4c7b4c-p79hl           1/1     Running     0              2m5s
    agility-ui-cube-api-b9976d6b8-ktztq              1/1     Running     0              2m5s
    agility-proxy-6f57c54898-rnrjx                   2/2     Running     0              2m5s
    agility-ui-6d8dc8d4fb-8w6xx                      2/2     Running     0              2m5s
    agility-db-a1-l7ct-0                             5/5     Running     0              8m47s
    agility-backend-7ff9c6b48c-5kjcb                 1/1     Running     0              2m5s
   

3. Once AGILITY is deployed, you can connect to the UI using port-forwarding:

    export HTTP_SERVICE_PORT=$(kubectl get --namespace agility -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services agility)
   
    kubectl port-forward --namespace agility svc/agility 3000:${HTTP_SERVICE_PORT}
   

4. Access AGILITY in your browser at http://localhost:3000/cv/

   • username: agility-admin@b-yond.com
   • password: agility-admin@b-yond.com

   ℹ️ The default password must be modified on first login.

   To stop the port-forwarding process, press Ctrl+C in the terminal where you executed the command.

Expose AGILITY

To make AGILITY accessible from outside the cluster, various options can be used to expose the agility ClusterIP Kubernetes service. You can leverage the following Kubernetes constructs that align with your predefined guidelines. This includes:

• Ingress
• LoadBalancer Service
• NodePort

Consider your specific network infrastructure, cloud provider capabilities, and security requirements when choosing the appropriate method to expose AGILITY. More information can be found on the Expose AGILITY document.

External access

Agility requires access to specific public endpoints for proper operation. Details about these endpoints and their configuration are available in the External Access document.

Uninstall

By following these steps, you will successfully uninstall the AGILITY deployment and associated resources:

1. Delete the Helm charts at the namespace level:

    helm --namespace agility delete agility --wait
    helm --namespace agility delete agility-services --wait
   

2. Remove namespace

    kubectl delete namespace agility
   

3. Note: If you have no plans to install another instance of AGILITY, you can also remove the agility-system Helm release in the kube-system namespace:

helm --namespace kube-system delete agility-system --wait

kubectl --namespace kube-system delete secret byond-container-registry-credential