ETSI HypO Installer
ETSI HypO is packaged as a cloud-native service using Helm.
This helm chart can be found online.
Hardware Requirements
For a functional ETSI HypO deployment with Helm, you need a pre-deployed (single-node) Kubernetes cluster with the following minimum requirements:
| Compute Requirement | Minimum Value | Recommended Value |
|---|---|---|
| Number of CPU cores | 4 | 8 |
| Main Memory | 12GB | 16GB |
| Storage | 40GB | 60GB |
The host machine of this cluster should have at least a interface with Internet access.
Helm Installation
If Helm is not already installed, follow these instructions:
wget https://get.helm.sh/helm-v3.13.1-linux-amd64.tar.gz
tar -zxvf helm-v3.13.1-linux-amd64.tar.gz
sudo mv linux-amd64/helm /usr/local/bin/
helm repo add stable https://charts.helm.sh/stable
helm repo update
Longhorn Installation
NOTE: PVC support is needed if we want to enable PostgreSQL primary data persistence using PVC.
curl -sSfL https://raw.githubusercontent.com/longhorn/longhorn/v1.4.2/scripts/environment_check.sh | bash
helm repo add longhorn https://charts.longhorn.io
helm repo update
helm install longhorn longhorn/longhorn --namespace longhorn-system --create-namespace
In case we don't want to persist the data you can skip PVC Longhorn installation.
To disable persistence in the ETSI HypO helm chart you need to update the values.yaml file with:
### loki section
loki:
singleBinary:
persistence:
enabled: false
### tempo section
tempo:
persistence:
enabled: false
### kafka section
kafka:
controller:
persistence:
enabled: false
### postgresql-db section
postgresql-db:
primary:
persistence:
enabled: false
### pgadmin section
pgadmin:
persistentVolume:
enabled: false
Create Kubernetes secret to pull from private registry
To pull ETSI HypO images from the ETSI registry you need a Kubernetes secret.
Create a secret with name regcred and set your username and password accordingly.
kubectl create secret docker-registry regcred --docker-server=abs.etsi.org/rep/osl/hypo/code/org.etsi.osl.hypo.ops/installer/-/packages --docker-username=<username> --docker-password=<password>
Keycloak
ETSI HypO's helm chart needs an operational Keycloak deployment for connection and authorization.
We provide two options on how to integrate Keycloak with the Orchestrator chart.
Keycloak Helm chart
By default, the Orchestrator chart installs Keycloak chart as a dependency. In this case, the host IP is used as the authentication server.
External Keycloak option
We can also disable the default Keycloak installation (with keycloak.setup=false) and set an existing Keycloak server (with externalKeycloak.host). This Keycloak instance can be a chart deployed in the same or a different cluster, or it can even be a Keycloak instance deployed entirely outside K8s.
Installation of standalone Keycloak - Skip if Keycloak is already installed
We also provide an option for standalone Keycloak helm chart installation. If you want, you can deploy Keycloak on its own by running:
helm install keycloak oci://registry-1.docker.io/bitnamicharts/keycloak -f helm_conf_files/values-keycloak.yaml
The helm_conf_files folder provides the values.yaml file which is needed for Keycloak to operate with ETSI HypO. Specifically, the realm.json for the TMF realm is provided. We should also note that this Keycloak installation option will deploy a Postgres database, whereas the default Keycloak will use the existing Postgres instance provided by ETSI HypO.
Installation of ETSI HypO
- Clone the repo
git clone https://labs.etsi.org/rep/osl/hypo/code/org.etsi.osl.hypo.ops/installer.git
- Navigate to the
charts/hypodirectory:
cd charts/hypo
- Build Helm dependencies:
helm dep build
- Install ETSI HypO Orchestrator using Helm:
helm install hypo .
NOTE:
-
The above will deploy a complete instance of ETSI HypO.
-
The deployment will be in the default namespace of Kubernetes with the name "hypo".
NOTE: You can change ETSI HypO's configuration by enabling/disabling supporting services or changing the default values in the values.yaml file.
Uninstall ETSI HypO
To uninstall ETSI HypO, use the following command:
helm uninstall hypo
Additionally, you have to delete the Persistent Volume Claims (PVCs) associated with the "hypo" chart, which are:
NAMESPACE NAME
default data-hypo-kafka-controller-0
default data-hypo-postgresql-db-0
default hypo-jaeger-all-in-one
default hypo-pgadmin
Installation Info
ETSI HypO Microservices
The chart deploys all of the core microservices of ETSI HypO. You may view the information about each core microservice in the Architecture page.
Supporting services
In addition to the core microservices provided by ETSI HypO, the Orchestrator chart also deploys the following supporting services.
Infinispan
Infinispan is a distributed in-memory key/value data store with optional schema. We use it along with the SONATA core deployment.
OCI Registry
An OCI registry is used in order to store the helm charts created by the Package Manager. This service is provided by two components: the Registry Server, which stores the created charts, and the Registry UI, where the user can visualize the created helm charts.
ETSI HypO supporting charts
1. Kube-prometheus-stack
Installs the kube-prometheus stack, a collection of Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
Chart Info:
name: kube-prometheus-stack
version: ~58.0.0
repository: https://prometheus-community.github.io/helm-charts
2. Loki
Installs Loki, our logging component, which is also a part of the Grafana stack. Loki is a horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus.
Chart Info:
name: loki
version: ~6.3.3
repository: https://grafana.github.io/helm-charts
3. PromTail
Installs promtail, which is an agent responsible for gathering logs and sending them to Loki.
Chart Info:
name: promtail
version: ~6.15.5
repository: https://grafana.github.io/helm-charts
4. Tempo
Installs Grafana Tempo, an open source, easy-to-use, and high-scale distributed tracing backend. Tempo is cost-efficient, requiring only object storage to operate, and is deeply integrated with Grafana, Prometheus, and Loki. It collects traces through an OpenTelemetry Collector, which is described below.
Chart Info:
name: tempo
version: ~1.7.2
repository: https://grafana.github.io/helm-charts
5. Kafka
Installs an Apache kafka component, which is a distributed streaming platform designed to build real-time pipelines and can be used as a message broker or as a replacement for a log aggregation solution for big data applications.
Chart Info:
name: kafka
version: ~26.3.0
repository: oci://registry-1.docker.io/bitnamicharts
6. Postgresql DB
Installs postgresql database, an open source object-relational database known for reliability and data integrity. Postgresql DB is ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures.
Chart Info:
name: postgresql
alias: postgresql-db
version: ~13.2.2
repository: oci://registry-1.docker.io/bitnamicharts
7. PgAdmin4
Installs pgadmin4, a management tool for Postgres.
Chart Info:
name: pgadmin4
alias: pgadmin
version: ~1.18.2
repository: https://helm.runix.net
8. OpenTelemetry Collector
Installs an opentelemetry-collector component, thats offers a vendor-agnostic implementation on how to receive, process and export telemetry data. This collector co-operates with Tempo.
Chart Info:
name: opentelemetry-collector
alias: otel-collector
version: 0.60.0
repository: https://open-telemetry.github.io/opentelemetry-helm-charts
9. Keycloak
Installs Keycloak, our user authorizaton and authentication server.
Chart Info:
name: keycloak
version: ~17.3.1
repository: oci://registry-1.docker.io/bitnamicharts
10. Mimir
Installs Mimir, an open source, horizontally scalable, highly available, multi-tenant TSDB for long-term storage for Prometheus.
Note: Our Mimir deployment is set to false by default.
Chart Info:
repository: https://grafana.github.io/helm-charts
version: 5.1.3
name: mimir-distributed