Installing on Kubernetes#

You can install HCL™ Accelerate onto a Kubernetes cluster.

The ID that you use to install the product must be able to make changes to the host environment. The tools required by all installation scenarios include the following items:

In addition to the requirements for all installation scenarios, the following items are required for Kubernetes or Minikube installation:

Get a key. The key enables you to complete installation. Visit the HCL Accelerate web portal to obtain your key. After completing the form, you will receive a confirmation email with an access key. Store the key in a readily-available location; you use it during installation.

You install the product by running the installation script that copies the Helm chart to your environment and sets installation parameters. After the script finishes, you run Kubernetes Helm commands that pull the product images from a GitHub repository and place them into the cluster defined in the Helm chart.

Additionally, you connect your installation to a MongoDB, and configure an SSL certificate. If you are using Minikube, you also need to configure an ingress.

If you need to modify project default parameters, installation options are stored in the \<installation>\values.yaml file. Other parameters are maintained in the yaml files in the \<installation>\templates directory. For example, to configure ephemeral Argo pods, you can modify the executor parameter in the .../templates/workflow-controller-configmap.yaml file.

Note: To avoid Windows UAC permission issues, use PowerShell as administrator.

  1. Download the installation file for your environment.

    Note: For macOS and Linux installations, set the appropriate permissions before running the file: sudo chmod +x.

    Visit the FlexNet download center and select the file for your environment. Or you can download the installation file directly from the following URLs:

  2. Run the installation script and respond to the prompts as described in the following steps.

    When the script starts, you are prompted to accept the license. You can explicitly accept the license without viewing it by appending the following parameter to the command:

    ./<velocity-installation-file\> **--license=accept**

    1. At the Please enter your Velocity access key prompt, enter your SE version access key.

      If you previously installed an SE version, the already-configured key is the default value.

      Note: Make sure that you enter the key for the right version.

    2. At the Choose the platform prompt, select Kubernetes.

    3. At the Enter the location where the Velocity files will be installed prompt, enter the location where you want to install the product files.

      Files are copied to the specified directory in a subdirectory named product_version_number.

    4. At the Please enter the hostname where you will run Velocity prompt, enter the host name where users can access the Web UI.

      The host name must resolve to a name on your DNS server, or in the server's hosts file. On Linux, the file location is etc/hosts; on Windows, the location is C:\Windows\System32\drivers\etc\hosts.

      Note: You cannot use localhost as the hostname. If you do not have any host names defined, for testing purposes you can use 127.0.0.1.nip.io. This location will redirect back to 127.0.0.1, which is typically used by localhost.

    5. To enforce limits on resources, set the values for the resource flags for all containers and use the customConfigFile flag to set the path of the JSON file that contains values that are specified for individual services.

      An example of an install command using the new flags follows:

      /velocity-ibm-install-1-5-5-macos --resourcesRequestsCpu 60m --customConfigFile resources.json

      You can use the following flags in the command:

      • resourceLimitsMemory
      • resourceLimitscpu
      • resourceRequestMemory
      • resourceRequestcpu
      • customConfigFile Note: A resources.json code example follows.

      { "resources": { "limits": { "memory": { "default": "1Gi", "application-api": "3Gi" }, "cpu": { "application-api": "2" }, }, "requests": { "memory": { "release-events-ui": "256Mi" }, "cpu": { "multi-app-pipeline-api": "45m", "release-events-ui": "55m" } } } }

    The Helm chart is copied to /my\_installation/version\_number/velocity-version.tgz. The installation properties are saved in a file located at /home/ucv/settings.json.

  3. If you do not have a MongoDB database installed, install one now. Follow the instructions at the MongoDB GitHub repository.

    Below is a sample command for installing the MongoDB:

    ```

     helm install   \
     --name velocity-mongo bitnami/mongodb \
     --set database.password=mongo \
     --set database.user=mongo \
     --set database.name=velocity
    

    ```

    Note: If Helm cannot find the chart, try running the following command: helm repo add bitnami https://charts.bitnami.com/bitnami. If your organization uses a different repository, substitute it for bitnami/mongodb.

    Note: If you are using Helm 3.0 or later, change the name property to velocity-mongo, as shown in the following example:

    ```

     helm install velocity-mongo bitnami/mongodb \
     --set database.password=mongo \
     --set database.user=mongo \
     --set database.name=velocity
    

    ```

    To verify the installation, you can use the following commands:

    helm list

    helm status velocity-mongo

    To list all pods in the namespace, use the following command:

    kubectl get pods

  4. Create an SSL certificate and key and store them in the velocity-secret.yml file.

    1. Create the velocity-secret.yml file.

      Paste the following code fragment into your file:

      ```

        apiVersion: v1
       data:
         tls.crt: <BASE64 Encoded>
         tls.key: <Base64 Encoded>
       kind: Secret
       metadata:
         name: velocitytls
         namespace: default
       type: Opaque
      

      ```

      Note: Ensure the code does not contain any line breaks.

    2. Generate a public key and a private certificate.

      You can use OpenSSL to generate the certificate and key, which is installed on most Linux distros. On Windows, the easiest way to get OpenSSL is with Git. Git installs a copy in its Program Files\Git\usr\bin directory. The following example creates a certificate named certificate.pem:

      openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem

    3. Encrypt the certificate.

      The following code fragment illustrates how to encrypt the certificate on Linux:

      cat certificate.pem | base64

    4. Copy the encrypted certificate and then paste it into the tls.crt field in the velocity-secret.yml file.

    5. Encrypt the private key and paste it into the tls.key field in the velocity-secret.yml file.

    6. Apply velocity-secret.yml file to your installation.

      You can use the kubectl command to apply your secret:

      kubectl apply -f velocity-secret.yml

      If the process is successful, you will see a message similar to the following one:

      secret/velocitytls created

  5. Enable your ingress and ensure that it points to your host by completing these steps:

    1. For a full Kubernetes installation, you can use the following two commands:

      helm repo add bitnami https://charts.bitnami.com/bitnami

      helm install velocity-ingress bitnami/nginx-ingress-controller

    2. If you are using Minikube, use the following command instead to enable the ingress: minikube addons enable ingress.

  6. Determine the configuration properties for the helm install command.

    Thevalues.yaml file is located in /my\_installation/version\_number/velocity-version.tgz. The following code fragment displays a typical command:

    ```

     helm install \
     --name uc-velocity \
     ./velocity-<version\>-helm.tgz \
     --set access.key=my\_access\_key \
     --set license=accept \
     --set url.domain=my\_hostname \
     --set mongo.url=mongodb://mongo:mongo@velocity-mongo-mongodb:27017
     --set license=accept
    

    ```

    If you are using Helm 3.0 or later, remove the name property as shown in the following example:

    ```

     helm install uc-velocity \
     ./velocity-<version\>-helm.tgz \
     --set access.key=my\_access\_key \
     --set license=accept \
     --set url.domain=my\_hostname \
     --set mongo.url=mongodb://mongo:mongo@velocity-mongo-mongodb:27017
     --set license=accept
    

    ```

    Properties depend on your environment. The following properties are required. The optional properties are given later.

    • access.key

      The product access key obtained earlier.

    • url.domain

      The hostname of your node or the Ingress host name.

    • mongo.url

      The URL of the MongoDB. Specify the following parameters.

      • username

        The user ID to authenticate with the MongoDB database. For example, mongo.

      • password

        The associated password to authenticate with the MongoDB database. For example, mongo.

      • authSource

        If you connect to an authenticated MongoDB database, you can use authSource to specify the database where authenticated users are defined. For example, if the admin user is defined in the admin database, you can use mongodb://root:password@velocity-mongo-mongodb?authSource=admin.

      • port

        The port number for the MongoDB database. Use the value shown in the example, which is 27017.

      • service_name

        The MongoDB URL or the MongoDB service name if it is running within the Kubernetes cluster. For example, velocity-mongo-mongodb.

      • database_name

        The name of the database to be used by HCL™ Accelerate. For example, velocity.

      Note: If you used the install command in the previous step to install the MongoDB, use the following values for the mongo.url property.

      --set mongo.url=mongodb://mongo:mongo@velocity-mongo-mongodb:27017

      If you use the default Bitnami MongoDB, make sure to grant the MongoDB user full write privileges.

    • name

      The name space where the Helm chart is applied, and the name of Helm chart. Deprecated for Helm 3.0 or later.

      --name uc-velocity ./velocity-<version\>-helm.tgz

  7. If you need to enforce limits on resources, modify the executor parameter in the velocity/templates/workflow-controller-configmap.yaml file.

    For example, to limit ephemeral Argo pods, you might use the following parameter values:

    ```

     ...
     data:
       config: |
         containerRuntimeExecutor: kubelet
         namespace: velocity
         executor:
           resources:
             limits:
               cpu: 1
               memory: 2Gi
             requests:
               cpu: 50m 
               memory: 512Mi
    

    ```

  8. Run the helm install command to install the HCL Accelerate images into your Kubernetes cluster.

    After you run the command, Kubernetes displays status information about the installation.

    Refer to the displayed NOTES section for the location of the Minikube administrator dashboard. You manage your Minikube installation on the admin dashboard.

When all the containers have the status of running, the installation is complete and you can access HCL Accelerate at the URL you specified in the helm chart. You can refresh the status display by using the following kubectl command: kubectl get pods. The default admin user name is admin and the default password is admin.

The following Helm chart parameters are optional:

Parent topic: Installation