Installing Aginity Premium

Premium

What You'll Need

A server running Ubuntu 20.04 LTS or Redhat 7 (This can be bare metal or virtual machine, on premise or in the cloud of your choice)

A server with 100G of disk space, 8 CPUs, and 32G of memory are recommended (AWS EC2 m5.2xlarge, Azure Standard_D8s_v3, GCP n2-standard-8)

An installation of PostgreSQL version 12 or greater with a database provisioned for Aginity Premium (This can be on the same server but using an external service such as AWS RDS is recommended)

A trusted SSL certificate (Premium ships with self-signed certificates, but we highly recommend you bring your own)

Install Snapd (Redhat Only)

Install the Extra Packages for Enterprise Linux (EPEL) Repositories

sudo yum install epel-release

Install snapd

sudo yum -y install snapd

The systemd unit that manages the main snap communication socket needs to be enabled:

sudo systemctl enable --now snapd.socket

To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap

sudo ln -s /var/lib/snapd/snap /snap

Log out and back in again to ensure snap’s paths are updated correctly.

Install MicroK8S

MicroK8S will install a minimal, lightweight Kubernetes you can run and use on practically any machine. It can be installed with a snap:

sudo snap install microk8s --classic --channel=1.19

Join the group

MicroK8S creates a group to enable seamless usage of commands which require admin privilege. To add your current user to the group and gain access to the .kube caching directory, run the following two commands:

sudo usermod -a -G microk8s $USER
sudo chown -f -R $USER ~/.kube

You will also need to re-enter the session for the group update to take place:

su - $USER

Check the status

MicroK8S has a built-in command to display its status. During installation you can use the --wait-ready flag to wait for the Kubernetes services to initialize:

microk8s status --wait-ready

Enable MicroK8S Addons

microk8s enable dns ingress storage

By default MicroK8s points to Google’s 8.8.8.8 and 8.8.4.4 servers for resolving addresses. The forward dns servers can also be altered after enabling the addon by running the command:

microk8s kubectl -n kube-system edit configmap/coredns

This will invoke the vim editor so that you can alter the configuration.

Install Helm

sudo snap install helm --classic

Access Kubernetes

MicroK8s uses a namespaced kubectl command to prevent conflicts with any existing installs of kubectl. If you don’t have an existing install, it is easier to add an alias (append to ~/.bash_aliases) like this:

alias kubectl='microk8s kubectl'

Download the Aginity Premium Helm Chart

Pull the Aginity Premium helm chart from our public repository.

export HELM_EXPERIMENTAL_OCI=1
helm pull oci://public.ecr.aws/aginity/premium/aginity-premium --version <release_version>

Extract chart to local directory, typically /opt/aginity

tar -xvf aginity-premium-<release_version>.tgz

Change working directory to directory where chart has been extracted in previous step

cd <local_path_to_chart>/aginity-premium/

Configure Aginity Premium Deployment

Make a copy of the values.yaml.template file by running the following command:

cp values.yaml.template values.yaml

Open the newly created file with your editor of choice. The secrets section contains parameters that will be encrypted and stored inside MicroK8s.

  • encryptionKey (salt for encrypting your data)
  • jwtSecret
  • superUserName (name of the default superuser)
  • superUserPassword (password for the default superuser)
  • postgresUser (username to connect PostgreSQL backend)
  • postgresPassword (password to connect PostgreSQL backend)

Provide the settings to connect to the PostgreSQL backend database. This database should be created in advance of the Aginity Premium installation.

  • postgresHost (leave empty if using IP addressing)
  • postgresIp (leave empty if using DNS addressing)
  • postgresPort (default is 5432)
  • postgresDB

It is very important to keep values.yaml and backup it periodically since it contains sensitive data. Also this file will preserve all configuration between upgrades for a consistent upgrade process.

TLS configuration

Access to Aginity Premium needs to be secured. This chart contains a self-signed SSL certificate, however, we recommend using a trusted signed SSL certificate from your provider of choice.

To install a trusted SSL certificate:

Replace ./tls/server.crt and ./tls/server.key with your certificate and private key. File extensions must be .crt and .key for the certificate and private key respectively.

Provide domain name in values.yaml. This is under 'ingress' section 'host' value.

Installation of Aginity Premium

To Aginity Premium execute from chart directory

helm install aginity-premium .

Here aginity-premium is the name of deployment in helm.

To upgrade deployment after changes in values.yaml execute:

helm upgrade aginity-premium .

The deployment typically takes about three minutes, during which time you may see pods restarting. You can check the status of the deployment:

kubectl get pods --namespace aginity

Once all of the containers in the deployment achieve a running state, Aginity Premium can be accessed via a Chrome browser:

https://servername:8080/login

Accessing Aginity Premium using Self-Signed SSL

By default Aginity Premium will be deployed with self signed SSL certificate and default domain name 'aginity-premium.local'. You can use your certificates and domain name, which is preferable and more secure. In order to access Aginity Premium using a self-signed SSL certificate:

  • Find out the external IP address of server, where Aginity Premium has been installed.
  • Edit 'hosts' file ( '/etc/hosts' for Linux and MacOS; 'C:\Windows\System32\drivers\etc\hosts' for Windows 10) and add following:
    # BEGIN section for Aginity Premium
    <IP of server>     aginity-premium.local
    # END section for Aginity Premium 
  • Open Google Chrome and go to 'https://aginity-premium.local'. In case of default deployment with self signed certificate you will see Chrome warning page. Type on your keyboard thisisunsafe and press 'Enter' key. Refresh page.

Again, we strongly recommend to use valid trusted SSL certificate.

Uninstalling Aginity Premium

To uninstall Aginity Premium from the Kubernetes cluster run the following:

helm uninstall aginity-premium --namespace default
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request