Installing on Kubernetes#
HCL™ Accelerate is designed as a containerized application and can be installed in a Kubernetes cluster, which is a supported platform for production instances of HCL Accelerate.
Because of extensive variability of Kubernetes environments and versions, careful consideration and planning should be performed in preparation for installing HCL Accelerate for your enterprise use.
HCL Accelerate installation should occurs in 3 phases.
Running the HCL Accelerate installer produces a Helm chart customized for your environment that is then applied to the Kubernetes instance for creating the Kubernetes resources. Complete product installation requires a separately administered and installed MongoDB database for data persistence.
Note:
Secure values stored in a JSON file are automatically added to the home directory of the user during Helm Chart Configuration. The directory is hidden and should not be modified or removed by the user. Because the values are located in the user's home directory, future upgrades must be performed by the user of the original installation. The encryption key encrypts the secure values in the JSON file. If a user uses the default encryption key when installing the product, future upgrades should proceed normally. If a non-default encryption key is provided for the initial installation, the user must also provide that encryption key for future upgrades. The values stored in the hidden directory are accessed by the installer on any future upgrades, and changes to the secure values will prevent upgraded instances from accessing existing data.
Prerequisites#
This phase ensures your environment is prepared to perform the complete HCL Accelerate install with required permissions, physical resources, and installation artifacts.
-
Consult the system requirements and ensure you have identified an environment that meets HCL Accelerate expectations. See system requirements.
-
Kubernetes Cluster-level permissions: HCL Accelerate's Helm chart require cluster-level permissions to create a few
CustomResourceDefinitions
. To get permissions for authorization, consult your Kubernetes administator to help complete the final Helm chart installation phase. See cluster-level permissions FAQs. -
MongoDB: It is the customer's responsibility to provide enterprise database administration of the MongoDB database in production scenarios. Consult the system requirements for further details. HCL Accelerate supports MongoDB Enterprise and Community Edition. Install the MongoDB database for the required environment.
For Kubernetes installation, we recommend Bitnami's MongoDB image. We recommend to allocate a dedicated resource for MongoDB database for the better performance of HCL Accelerate.
Below are sample commands for installing Bitnami's MongoDB version 4.2,
helm repo add bitnami https://charts.bitnami.com/bitnami
```
helm install accelerate-mongo\ --set persistence.enabled=true\ --set auth.rootPassword=<CUSTOM_ROOT_PASSWORD>\ --set image.tag=4.2\ bitnami/mongodb
```
Note: See Bitnami documentation for complete configuration details.
Note: Ensure the MongoDB user you plan to use for authorization has full permission privileges.
-
(Optional) Ingress Controller: Enable ingress controller for accessing the server outside the Kubernetes cluster. Verify the default installation of ingress controller on cluster of Kubernetes platform.
We recommend Bitnami's Nginx Ingress controller image for HCL Accelerate installation.
Below are sample commands for installing Bitnami's Nginx Ingress controller
helm repo add bitnami https://charts.bitnami.com/bitnami
```
helm install accelerate-ingress\ bitnami/nginx-ingress-controller ```
Note: See Bitnami documentation for complete configuration details.
-
Download the installation file for your environment and access key to authorize the configuration and installation. You can download the installation file by using anyone of the following options,
-
FlexNet Operations Download Center
Visit the FlexNet download center, navigate to the HCL Accelerate product and select the required version. Download HCL Accelerate installer for your local environment and access key.
-
Free trial edition
Complete the form and click Get HCL Accelerate Today. After few minutes, you will receive an email containing download links and an access key for free trial edition.
Note: HCL Accelerate does not perform malware scanning on the installed files. It is recommended that end users implement malware scanning as appropriate for their environment before installing and running the HCL Accelerate in their environment.
-
Helm chart generation#
The Helm chart generation is a phase to run HCL Accelerate installer and generate the customized Helm chart to run on your Kubernetes cluster.
Copy the HCL Accelerate installer and access key to a directory where you want to run the executable file and generate the Helm chart. As mentioned earlier, we strongly recommend to store the details of the installation directory and the user performs installation for the future upgrades.
Download the file that needs for your environment.
- Linux: accelerate-ibm-install-<version>-linux
- Windows: accelerate-ibm-install-<version>-win.exe
- Mac OS: accelerate-ibm-install-<version>-macos
Note: For macOS and Linux installations, set the appropriate permissions before running the file: sudo chmod +x
.
Run the installed executable file and respond to the prompts as described in the following steps,
-
At the Please enter your HCL Accelerate access key prompt, enter the randomly generated access key.
-
At the Do you accept the license? [Y,n] prompt, enter Y to accept the license, Otherwise, the installer will immediately terminate.
-
At the Enter your encryption key or leave blank to use the default. Key must be at least 8 characters prompt, enter your encryption key or leave blank to use the default encryption key.
Note: The encryption key must be at least 8 characters. Save the encryption key to use for further upgrades.
-
At the Choose the platform prompt, select
Helm
. -
At the Enter the location where the HCL Accelerate files will be installed prompt, enter the location where you want to install the product files.
Files are copied to the specified directory in a subdirectory named
product_version_number
. -
At the What version of MongoDB are you using? prompt, select the version of the MongoDB that you want to use as database forHCL Accelerate installation.
-
At the Enter the initial password for the admin user prompt, enter your admin password.
-
At the Please enter the hostname where you will run HCL Accelerate prompt, enter the host name where users can access the Web UI.The host name must resolve to a name on your DNS server, or in the server's hosts file. On Linux, the file location is etc/hosts; on Windows, the location is C:\Windows\System32\drivers\etc\hosts.
Note: You cannot use localhost as the hostname. If you do not have any host names defined, for testing purposes you can use
127.0.0.1.nip.io
. This location will redirect back to127.0.0.1
, which is typically used by localhost. -
At the Enter the desired port where HCL Accelerate will run prompt, enter the port number for the Web UI.
-
(Applicable for Offline only) At the Choose how to receive offline Docker images for HCL Accelerate prompt, specify the remote registry where the images will be uploaded.
Note: If your remote registry requires authorization, follow the silent install directions in the advanced usage section.
Completion of the installer will generate a Helm chart that you will run on your Kubernetes cluster's master node in the next steps.
Note: Use settings values.yaml to modify the Helm charts.
Helm chart installation#
Helm chart installation is a phase for finalizing the installation of HCL Accelerate and running the appropriate Helm install command.
-
Copy the generated Helm chart to the master Kubernetes node.
-
Optional At this point, we recommend customizing Helm chart as necessary for advanced configuration, such as SSL certificate, node affinity or resource limit configuration. For additional directions, see Advanced Usage section.
-
Run the following command to install HCL Accelerate
```
helm install accelerate ./accelerate-<version>-helm.tgz\ --set license=accept\ --set access.key=access\_key\ --set mongo.url=mongodb url
```
After running the command, Kubernetes displays the installation status. Installation is completed when the status of all containers is running. To refresh the status of container, run
kubectl get pods
command. -
In browser, navigate to HCL Accelerate at theURL, you specified in the helm chart.
The default username is admin and the default password is what you specified in installer.
Advanced usage#
Required Helm parameters#
The following parameters are required to be specified during the Helm install:
Parameter | Comments |
---|---|
license | Specify accept to agree to the HCL License Agreement |
access.key | Specify the product access key obtained from FlexNet |
Mongo.url | username |
password | The password to authenticate with the MongoDB database. For example, mongo . |
authSource | If you connect to an authenticated MongoDB database, you can use authSource to specify the database where authenticated users are defined. For example, if the admin user is defined in the admin database, you can use authSource=admin . |
port | The port number for the MongoDB database. Use the value shown in the example, which is 27017 . |
service_name | The MongoDB URL or the MongoDB service name if it is running within the Kubernetes cluster. For example, accelerate-mongo . |
database_name | The name of the database to be used by HCL Accelerate. For example, accelerate . |
The sample MongoDB URL ismongodb://<username>:<password>@<service_name>:<port>/<authSource>
Note: If you used the install command in the previous step to install the MongoDB, use the following values for the mongo.url property.``
--set mongo.url=mongodb://mongo:mongo@accelerate-mongo:27017
Optional Helm parameters#
You can use the optional Helm parameters to perform advanced functionality and silent installs. To identify optional parameters run the helm show values accelerate-<version>-helm.tgz
The following additional properties are common and it can be specified optional during the helm install:
Parameter | Description | Comments |
---|---|---|
loglevel | The level of Log4j messages to display in the log file. | Possible values are ALL, DEBUG, INFO, WARN, ERROR, FATAL, OFF. The default value is ALL. |
SSL certificates#
If your organization required an SSL certificate, create an SSL certificate and key. Store the SSL certificate and key in accelerate-custom-tls-secret.yaml
file.
-
Generate a public key and a private certificate:For Linux operating system, you can use OpenSSL to generate the certificate and key. For Windows operating system, use Git to get OpenSSL. Git installs a copy in Program Files\Git\usr\bin directory. The following example creates a certificate with name certificate.pem.
-
With the SSL certificate and key available, run the following command
kubectl create secret tls accelerate-custom-tls --key <key.pem>\ --cert certificate.crt
-
Run
kubectl apply -f accelerate-custom-tls-secret.yaml
command to applyaccelerate-custom-tls-secret.yaml
to HCL Accelerate installation.
After the successful process, the following message is displayed.
secret/accelerate-custom-tls created
Node allocation#
Kubernetes can allocate resources in multiple nodes. Kubernetes can orchestrate the deployment of application in multiple nodes. We recommend to allocate four nodes for production installation of HCL Accelerate.
-
Node 1: Inter-service communication media like RabbitMQ with dedicated memory to save your data.
-
Node 2: Value stream metrics calculations such as cycle time, lead time, throughput, and deployment frequency.
-
Node 3: Plugin to fetch new data for keeping HCL Accelerate in sync with different tool chains.
-
Node 4: MongoDB deployment (provided and managed by the user) which is shared by all services and for better performance in handling heavy workload.
The four node distribution is to ensure resource-intensive actions not impact UI and API which may cause performance issues. You can add the “workload-class” labels (background, transactional, and external) to any one node. On startup. Kubernetes will automatically schedule each service across the available nodes in a way to minimize resource competition and maximize performance.
We recommend allocating the node properly improves performance and provides stability to the application, Proper node allocations support 30% increase in the performance and stability across the value streams, pipeline, and release functional areas.
Resource limits#
To enforce limits on Argo resources, modify the executor parameter in the accelerate/templates/workflow-controller-configmap.yaml
For example, to limit ephemeral Argo pods, you can use the following parameter values:
data:
config: |
containerRuntimeExecutor: kubelet
namespace: accelerate
executor:
resources:
limits:
cpu: 1
memory: 2Gi
requests:
cpu: 50m
memory: 512Mi
- Cluster-level permissions FAQs
Cluster-level permissions FAQs
Parent topic: Installing and upgrading