If you want to get something up and running quickly you can use infraboxcli to install InfraBox on a GKE Cluster.
All you need ist:
- A GCP Account
- gcloud installed and configured to create a kubernetes cluster in your project
- helm installed
- kubectl installed
- git installed
- infraboxcli
Run infrabox install and follow the instructions.
You can run InfraBox on any Kubernetes Cluster with at least version 1.9.
- helm (at least 2.10)
- kubectl
- a domain with access to the DNS configuration (i.e.
infrabox.example.com)
Create a Kubernetes Cluster:
We use helm to deploy the different components. To install helm into you kubernetes cluster run:
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tillerCurrently InfraBox only supports an nginx-ingress controller. To add one to your cluster:
helm install \
-n nginx-ingress-controller \
--namespace kube-system \
--set rbac.create=true \
--set controller.service.loadBalancerIP="<INSERT_YOUR_EXTERNAL_IP_HERE>" \
--set controller.scope.enabled="true" \
--set controller.scope.namespace="infrabox-system" \
stable/nginx-ingressDon't forget to add your external IP address, which you have created earlier, as loadBalancerIP
InfraBox seperates the control plane (dashboard, docker-registry, api server, etc) from the actual jobs. Create two namespaces:
kubectl create ns infrabox-system
kubectl create ns infrabox-workerInfraBox requires a valid TLS certificate. It must be stored as a Secret with name infrabox-tls-certs in the infrabox-system namespace.
You have multiple options to create one:
- Self signed certificates (not recommended, ok for testing, easiest to get started)
- Set an already existing certificate
- Use cert-manager to issue a certificate
InfraBox requires an object store to persist some data like inputs/outpus, caches and as storage for the docker-registry. Chose one of the options:
InfraBox requires a PostgreSQL Database for persisting some data. You have the following options:
- Deploy in Kubernetes (not recommended, ok for testing, easiest to get started)
- CloudSQL
- Connect to any PostgreSQL database
You can configure different ways of how your user can authenticate.
You may optionally configure Grafana/Prometheus monitoring.
You may optionally configure a status page.
If you have not already cloned the InfraBox repository and checkout the version you would like to install.
git clone https://github.com/SAP/infrabox /tmp/infrabox
cd /tmp/infrabox
git checkout masterInfraBox uses a RSA key to sign certain information for security reasons. You need to generate a RSA key and keep it at a secure place
mkdir /tmp/infrabox-config
cd /tmp/infrabox-config
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pubInfraBox uses helm for deploying. Create a my_values.yaml for your custom options:
cat >my_values.yaml <<EOL
image:
tag: 1.1.5 # chose a released version
admin:
private_key: $(base64 -w 0 ./jwtRS256.key)
public_key: $(base64 -w 0 ./jwtRS256.key.pub)
EOLIf you get an error base64: invalid option -- w (e.g. on macOS), change the -w to -b in the base64 subcommand.
Add all the necessary configurations options as described in the earlier steps.
If you forget some the installation will fail with some message like a.b.c is required.
After you have prepared your my_values.yaml you may deploy InfraBox.
IMPORTANT: This requires at least helm 2.10
helm install --namespace infrabox-system -f my_values.yaml --wait /tmp/infrabox/deploy/infraboxAfter a few seconds you can open your browser and access https://<YOUR_DOMAIN>.
You can deploy multi cluster with HA mode
You can provide a privacy and terms of use url. These links will show up in the footer.