Helm chart (Kubernetes) - Online

Introduction

This document aims to explain how to install Exastro Platform and/or Exastro IT Automation on Kubernetes.

Features

This method allows the user to install Exastro IT Automation with the highest level of availability and service.
For a more simple installation for testing and temporary usage, we recommend the Docker Compose version.

Prerequisites

  • Client requirements

    The following describes confirmed compatible client application as well as their versions.
    表 1 Client requirements

    Application

    Version

    Helm

    v3.9.x

    kubectl

    1.23

  • Deploy environment

    The following describes confirmed compatible operation systems as well as their versions.
    表 2 Hardware requirements (minimum requirements)

    Resource type

    Required resource

    CPU

    2 Cores (3.0 GHz, x86_64)

    Memory

    4GB

    Storage (Container image size)

    10GB

    Kubernetes (Container image size)

    1.23 or later
    表 3 Hardware requirements (Recommended requirements)

    Resource type

    Required resource

    CPU

    4 Cores (3.0 GHz, x86_64)

    Memory

    16GB

    Storage (Container image size)

    120GB

    Kubernetes (Container image size)

    1.23 or later

    警告

    The required resources for the minimum configuration are for Exastro IT Automation's core functions. Additional resources will be required if you are planning to deploy external systems, such as GitLab and Ansible Automation Platform.
    Users will have to prepare an additional storage area if they wish to persist databases or files.
    The storage space is only an estimate and varies based on the user's needs. Make sure to take that into account when securing storage space.

  • Communication Protocols

    • The client must be able to access the deploying container environment.

    • The user will need 2 ports. One for the Platform administrator and one for normal users.

    • The user must be able to connect to Docker Hub in order to acquire the container image from the container environment.

  • External components

    • MariaDB or MySQL server

    • Must be able to create Gitlab accounts and repositories.

    警告

    If the user is construcing the GitLab environment on the same cluster, the GitLab's minimum system requirements changes in order to support the additional load.
    If the user is construcing the Database environment on the same cluster, the Database's minimum system requirements changes in order to support the additional load.

Preparation

Register Helm repository

The Exastro system is constructed by the following 2 applications.
All the Exastro tools exists on the same Helm repository.

  • Shared Platform (Exastro Platform)

  • Exastro IT Automation

Repository

https://exastro-suite.github.io/exastro-helm/
リスト 1 Cmmand
1# Register Exastro system's Helm repository.
2helm repo add exastro https://exastro-suite.github.io/exastro-helm/ --namespace exastro
3# Update repository information
4helm repo update

Fetch default setting values

The following command outputs the values.yaml default values. This makes it easier to manage the input parameters.
リスト 2 Command
helm show values exastro/exastro > exastro.yaml
exastro.yaml
リスト 3 exastro.yaml
  1# Default values for Exastro.
  2# This is a YAML-formatted file.
  3# Declare variables to be passed into your templates.
  4global:
  5  itaGlobalDefinition:
  6    config:
  7      DEFAULT_LANGUAGE: "ja"
  8      LANGUAGE: "en"
  9      TZ: "Asia/Tokyo"
 10    secret:
 11      ENCRYPT_KEY: ""
 12    persistence:
 13      enabled: true
 14      accessMode: ReadWriteMany
 15      size: 10Gi
 16      volumeType: hostPath # e.g.) hostPath or AKS
 17      storageClass: "-" # e.g.) azurefile or - (None)
 18      # matchLabels:
 19      #   release: "stable"
 20      # matchExpressions:
 21      #   - {key: environment, operator: In, values: [dev]}
 22  itaDatabaseDefinition:
 23    config:
 24      DB_VENDOR: "mariadb"
 25      DB_HOST: "mariadb"
 26      DB_PORT: "3306"
 27      DB_DATABASE: "ITA_DB"
 28    secret:
 29      DB_ADMIN_USER: "root"
 30      DB_ADMIN_PASSWORD: "Ch@ngeMeDBAdm"
 31      DB_USER: "ITA_USER"
 32      DB_PASSWORD: "Ch@ngeMeITADB"
 33  pfGlobalDefinition:
 34    config:
 35      DEFAULT_LANGUAGE: "ja"
 36      LANGUAGE: "en"
 37      TZ: "Asia/Tokyo"
 38    secret:
 39      ENCRYPT_KEY: ""
 40  pfAuditLogDefinition:
 41    name: pf-auditlog
 42    persistence:
 43      enabled: false
 44      reinstall: false
 45      accessMode: ReadWriteMany
 46      size: 10Gi
 47      volumeType: hostPath # e.g.) hostPath or AKS
 48      storageClass: "-" # e.g.) azurefile or - (None)
 49      # matchLabels:
 50      #   release: "stable"
 51      # matchExpressions:
 52      #   - {key: environment, operator: In, values: [dev]}
 53  pfDatabaseDefinition:
 54    config:
 55      DB_VENDOR: "mariadb"
 56      DB_HOST: "mariadb"
 57      DB_PORT: "3306"
 58      DB_DATABASE: "platform"
 59    secret:
 60      DB_ADMIN_USER: "root"
 61      DB_ADMIN_PASSWORD: "Ch@ngeMeDBAdm"
 62      DB_USER: "pf-user"
 63      DB_PASSWORD: "Ch@ngeMePFDB"
 64  keycloakDefinition:
 65    secret:
 66      SYSTEM_ADMIN: "admin"
 67      SYSTEM_ADMIN_PASSWORD: "Ch@ngeMeKCAdm"
 68      KEYCLOAK_DB_USER: "keycloak"
 69      KEYCLOAK_DB_PASSWORD: "Ch@ngeMeKCADB"
 70  gitlabDefinition:
 71    config:
 72      GITLAB_PROTOCOL: "http"
 73      GITLAB_HOST: "" # "gitlab" if use container.
 74      GITLAB_PORT: "8080"
 75    secret:
 76      GITLAB_ROOT_PASSWORD: "Ch@ngeMeGL"
 77      GITLAB_ROOT_TOKEN: "change-this-token"
 78  mongoDefinition:
 79    config:
 80      MONGO_PROTOCOL: "http"
 81      MONGO_HOST: "mongo" # "mongo" if use container.
 82      MONGO_PORT: "27017"
 83    secret:
 84      MONGO_ADMIN_USER: "admin"
 85      MONGO_ADMIN_PASSWORD: "Ch@ngeMeMGAdm"
 86
 87exastro-it-automation:
 88  ita-api-admin:
 89    replicaCount: 1
 90    image:
 91      repository: "docker.io/exastro/exastro-it-automation-api-admin"
 92      tag: ""
 93      pullPolicy: IfNotPresent
 94    extraEnv:
 95      PLATFORM_API_HOST: "platform-api"
 96      PLATFORM_API_PORT: "8000"
 97
 98  ita-api-organization:
 99    replicaCount: 1
100    image:
101      repository: "docker.io/exastro/exastro-it-automation-api-organization"
102      tag: ""
103      pullPolicy: IfNotPresent
104    extraEnv:
105      PLATFORM_API_HOST: "platform-api"
106      PLATFORM_API_PORT: "8000"
107
108  ita-api-oase-receiver:
109    replicaCount: 1
110    image:
111      repository: "docker.io/exastro/exastro-it-automation-api-oase-receiver"
112      tag: ""
113      pullPolicy: IfNotPresent
114    extraEnv:
115      LISTEN_PORT: "8000"
116      PLATFORM_API_HOST: "platform-api"
117      PLATFORM_API_PORT: "8000"
118
119  ita-api-ansible-execution-receiver:
120    replicaCount: 1
121    image:
122      repository: "docker.io/exastro/exastro-it-automation-api-ansible-execution-receiver"
123      tag: ""
124      pullPolicy: IfNotPresent
125    extraEnv:
126      LISTEN_PORT: "8000"
127      PLATFORM_API_HOST: "platform-api"
128      PLATFORM_API_PORT: "8000"
129
130  ita-by-ansible-execute:
131    replicaCount: 1
132    image:
133      repository: "docker.io/exastro/exastro-it-automation-by-ansible-execute"
134      tag: ""
135      pullPolicy: IfNotPresent
136    extraEnv:
137      EXECUTE_INTERVAL: "3"
138      ANSIBLE_AGENT_IMAGE: "docker.io/exastro/exastro-it-automation-by-ansible-agent"
139      ANSIBLE_AGENT_IMAGE_TAG: ""
140      PLATFORM_API_HOST: "platform-api"
141      PLATFORM_API_PORT: "8000"
142    serviceAccount:
143      create: false
144      name: "ita-by-ansible-execute-sa"
145
146  ita-by-ansible-legacy-role-vars-listup:
147    replicaCount: 1
148    extraEnv:
149      EXECUTE_INTERVAL: "10"
150      PLATFORM_API_HOST: "platform-api"
151      PLATFORM_API_PORT: "8000"
152    image:
153      repository: "docker.io/exastro/exastro-it-automation-by-ansible-legacy-role-vars-listup"
154      tag: ""
155      pullPolicy: IfNotPresent
156
157  ita-by-ansible-legacy-vars-listup:
158    replicaCount: 1
159    extraEnv:
160      EXECUTE_INTERVAL: "10"
161      PLATFORM_API_HOST: "platform-api"
162      PLATFORM_API_PORT: "8000"
163    image:
164      repository: "docker.io/exastro/exastro-it-automation-by-ansible-legacy-vars-listup"
165      tag: ""
166      pullPolicy: IfNotPresent
167
168  ita-by-ansible-pioneer-vars-listup:
169    replicaCount: 1
170    extraEnv:
171      EXECUTE_INTERVAL: "10"
172      PLATFORM_API_HOST: "platform-api"
173      PLATFORM_API_PORT: "8000"
174    image:
175      repository: "docker.io/exastro/exastro-it-automation-by-ansible-pioneer-vars-listup"
176      tag: ""
177      pullPolicy: IfNotPresent
178
179  ita-by-ansible-towermaster-sync:
180    replicaCount: 1
181    extraEnv:
182      EXECUTE_INTERVAL: "10"
183      PLATFORM_API_HOST: "platform-api"
184      PLATFORM_API_PORT: "8000"
185    image:
186      repository: "docker.io/exastro/exastro-it-automation-by-ansible-towermaster-sync"
187      tag: ""
188      pullPolicy: IfNotPresent
189
190  ita-by-cicd-for-iac:
191    replicaCount: 1
192    extraEnv:
193      EXECUTE_INTERVAL: "10"
194      PLATFORM_API_HOST: "platform-api"
195      PLATFORM_API_PORT: "8000"
196    image:
197      repository: "docker.io/exastro/exastro-it-automation-by-cicd-for-iac"
198      tag: ""
199      pullPolicy: IfNotPresent
200
201  ita-by-collector:
202    replicaCount: 1
203    extraEnv:
204      EXECUTE_INTERVAL: "10"
205      PLATFORM_API_HOST: "platform-api"
206      PLATFORM_API_PORT: "8000"
207    image:
208      repository: "docker.io/exastro/exastro-it-automation-by-collector"
209      tag: ""
210      pullPolicy: IfNotPresent
211
212  ita-by-conductor-regularly:
213    replicaCount: 1
214    extraEnv:
215      EXECUTE_INTERVAL: "10"
216      PLATFORM_API_HOST: "platform-api"
217      PLATFORM_API_PORT: "8000"
218    image:
219      repository: "docker.io/exastro/exastro-it-automation-by-conductor-regularly"
220      tag: ""
221      pullPolicy: IfNotPresent
222
223  ita-by-conductor-synchronize:
224    replicaCount: 1
225    extraEnv:
226      EXECUTE_INTERVAL: "3"
227      PLATFORM_API_HOST: "platform-api"
228      PLATFORM_API_PORT: "8000"
229    image:
230      repository: "docker.io/exastro/exastro-it-automation-by-conductor-synchronize"
231      tag: ""
232      pullPolicy: IfNotPresent
233
234  ita-by-excel-export-import:
235    replicaCount: 1
236    extraEnv:
237      EXECUTE_INTERVAL: "10"
238      PLATFORM_API_HOST: "platform-api"
239      PLATFORM_API_PORT: "8000"
240    image:
241      repository: "docker.io/exastro/exastro-it-automation-by-excel-export-import"
242      tag: ""
243      pullPolicy: IfNotPresent
244
245  ita-by-execinstance-dataautoclean:
246    replicaCount: 1
247    extraEnv:
248      EXECUTE_INTERVAL: "10"
249      PLATFORM_API_HOST: "platform-api"
250      PLATFORM_API_PORT: "8000"
251    image:
252      repository: "docker.io/exastro/exastro-it-automation-by-execinstance-dataautoclean"
253      tag: ""
254      pullPolicy: IfNotPresent
255
256  ita-by-file-autoclean:
257    replicaCount: 1
258    extraEnv:
259      EXECUTE_INTERVAL: "10"
260      PLATFORM_API_HOST: "platform-api"
261      PLATFORM_API_PORT: "8000"
262    image:
263      repository: "docker.io/exastro/exastro-it-automation-by-file-autoclean"
264      tag: ""
265      pullPolicy: IfNotPresent
266
267  ita-by-hostgroup-split:
268    replicaCount: 1
269    extraEnv:
270      EXECUTE_INTERVAL: "10"
271      PLATFORM_API_HOST: "platform-api"
272      PLATFORM_API_PORT: "8000"
273    image:
274      repository: "docker.io/exastro/exastro-it-automation-by-hostgroup-split"
275      tag: ""
276      pullPolicy: IfNotPresent
277
278  ita-by-menu-create:
279    replicaCount: 1
280    extraEnv:
281      EXECUTE_INTERVAL: "10"
282      PLATFORM_API_HOST: "platform-api"
283      PLATFORM_API_PORT: "8000"
284    image:
285      repository: "docker.io/exastro/exastro-it-automation-by-menu-create"
286      tag: ""
287      pullPolicy: IfNotPresent
288
289  ita-by-menu-export-import:
290    replicaCount: 1
291    extraEnv:
292      EXECUTE_INTERVAL: "10"
293      PLATFORM_API_HOST: "platform-api"
294      PLATFORM_API_PORT: "8000"
295    image:
296      repository: "docker.io/exastro/exastro-it-automation-by-menu-export-import"
297      tag: ""
298      pullPolicy: IfNotPresent
299
300  ita-by-oase-conclusion:
301    replicaCount: 1
302    extraEnv:
303      EXECUTE_INTERVAL: "10"
304      PLATFORM_API_HOST: "platform-api"
305      PLATFORM_API_PORT: "8000"
306    image:
307      repository: "docker.io/exastro/exastro-it-automation-by-oase-conclusion"
308      tag: ""
309      pullPolicy: IfNotPresent
310
311  ita-by-terraform-cli-execute:
312    replicaCount: 1
313    extraEnv:
314      EXECUTE_INTERVAL: "3"
315      PLATFORM_API_HOST: "platform-api"
316      PLATFORM_API_PORT: "8000"
317    image:
318      repository: "docker.io/exastro/exastro-it-automation-by-terraform-cli-execute"
319      tag: ""
320      pullPolicy: IfNotPresent
321
322  ita-by-terraform-cli-vars-listup:
323    replicaCount: 1
324    extraEnv:
325      EXECUTE_INTERVAL: "10"
326      PLATFORM_API_HOST: "platform-api"
327      PLATFORM_API_PORT: "8000"
328    image:
329      repository: "docker.io/exastro/exastro-it-automation-by-terraform-cli-vars-listup"
330      tag: ""
331      pullPolicy: IfNotPresent
332
333  ita-by-terraform-cloud-ep-execute:
334    replicaCount: 1
335    extraEnv:
336      EXECUTE_INTERVAL: "3"
337      PLATFORM_API_HOST: "platform-api"
338      PLATFORM_API_PORT: "8000"
339    image:
340      repository: "docker.io/exastro/exastro-it-automation-by-terraform-cloud-ep-execute"
341      tag: ""
342      pullPolicy: IfNotPresent
343
344  ita-by-terraform-cloud-ep-vars-listup:
345    replicaCount: 1
346    extraEnv:
347      EXECUTE_INTERVAL: "10"
348      PLATFORM_API_HOST: "platform-api"
349      PLATFORM_API_PORT: "8000"
350    image:
351      repository: "docker.io/exastro/exastro-it-automation-by-terraform-cloud-ep-vars-listup"
352      tag: ""
353      pullPolicy: IfNotPresent
354
355  ita-web-server:
356    replicaCount: 1
357    image:
358      repository: "docker.io/exastro/exastro-it-automation-web-server"
359      tag: ""
360      pullPolicy: IfNotPresent
361
362  ita-migration:
363    extraEnv:
364      PLATFORM_API_HOST: "platform-api"
365      PLATFORM_API_PORT: "8000"
366    image:
367      repository: "docker.io/exastro/exastro-it-automation-migration"
368      tag: ""
369      pullPolicy: IfNotPresent
370
371exastro-platform:
372  platform-api:
373    image:
374      repository: "docker.io/exastro/exastro-platform-api"
375      tag: ""
376
377  platform-auth:
378    extraEnv:
379      # Please set the URL to access
380      EXTERNAL_URL: ""
381      EXTERNAL_URL_MNG: ""
382    ingress:
383      enabled: true
384      hosts:
385        - host: exastro-suite.example.local
386          paths:
387            - path: /
388              pathType: Prefix
389              backend: "http"
390        - host: exastro-suite-mng.example.local
391          paths:
392            - path: /
393              pathType: Prefix
394              backend: "httpMng"
395      tls: []
396        # - secretName: chart-example-tls
397        #   hosts:
398        #     - chart-example.local
399      secrets: []
400        # - name: chart-example-tls
401        #   certificate: |-
402        #     -----BEGIN CERTIFICATE-----
403        #     ...
404        #     -----END CERTIFICATE-----
405        #   key: |-
406        #     -----BEGIN PRIVATE KEY-----
407        #     ...
408        #     -----END PRIVATE KEY-----
409    service:
410      type: ClusterIP
411      # http:
412      #   nodePort: 30080
413      # httpMng:
414      #   nodePort: 30081
415    image:
416      repository: "docker.io/exastro/exastro-platform-auth"
417      tag: ""
418
419  platform-job:
420    extraEnv:
421      # LOG_LEVEL: "INFO"
422      # SUB_PROCESS_TERMINATE_REQUEST_SECONDS: "1800"
423      # SUB_PROCESS_ACCEPTABLE: "2"
424      # SUB_PROCESS_MAX_JOBS: "10"
425      # SUB_PROCESS_WATCH_INTERVAL_SECONDS: "1.0"
426      # SUB_PROCESS_DB_RECONNECT_INTERVAL_SECONDS: "60"
427      # SUB_PROCESS_DB_HEALTH_CHECK_INTERVAL_SECONDS: "5"
428      # SUB_PROCESS_MAX_CANCEL_TIMEOUT: "10"
429      # JOB_STATUS_WATCH_INTERVAL_SECONDS: "1.0"
430      # JOB_CANCEL_TIMEOUT_SECONDS: "5.0"
431      # JOB_NOTIFICATION_TIMEOUT_SECONDS: "20"
432      # JOB_NOTIFICATION_TEAMS_CONNECTION_TIMEOUT: "3.0"
433      # JOB_NOTIFICATION_TEAMS_READ_TIMEOUT: "10.0"
434      # JOB_NOTIFICATION_SMTP_TIMEOUT: "10.0"
435      # JOB_NOTIFICATION_SMTPS_SSL_VERIFY_ENABLED: "TRUE"
436      # JOB_FORCE_UPDATE_STATUS_TIMEOUT_SECONDS: "60"
437      # JOB_FORCE_UPDATE_STATUS_INTERVAL_SECONDS: "180"
438      # JOB_FORCE_UPDATE_STATUS_PROGRASS_SECONDS: "600"
439    image:
440      repository: "docker.io/exastro/exastro-platform-job"
441      tag: ""
442
443  platform-migration:
444    image:
445      repository: "docker.io/exastro/exastro-platform-migration"
446      tag: ""
447
448  platform-web:
449    image:
450      repository: "docker.io/exastro/exastro-platform-web"
451      tag: ""
452
453  mariadb:
454    enabled: true
455    image:
456      repository: "docker.io/mariadb"
457      tag: "10.11"
458      pullPolicy: IfNotPresent
459    imagePullSecrets: []
460    persistence:
461      enabled: true
462      accessMode: ReadWriteOnce
463      size: 20Gi
464      storageClass: "-" # e.g.) azurefile or - (None)
465      matchLabels:
466        name: pv-database
467      matchExpressions:
468        # - {key: name, operator: In, values: [pv-database]}
469    dbSetup:
470      dbConfInfo:
471        name: mysql-server-conf-config
472        customCnf: |-
473          [mysqld]
474          character-set-server=utf8mb4
475          collation-server=utf8mb4_bin
476          secure_file_priv=/tmp
477          lower_case_table_names=1
478          [client]
479          default-character-set=utf8mb4
480    resources:
481      requests:
482        memory: "256Mi"
483        cpu: "1m"
484      limits:
485        memory: "2Gi"
486        cpu: "4"
487
488  keycloak:
489    enabled: true
490    image:
491      repository: "docker.io/exastro/keycloak"
492      tag: ""
493      pullPolicy: IfNotPresent
494    extraEnv:
495      # If you use Azure MySQL, add options like below
496      # KC_DB_URL_PROPERTIES: "?useSSL=false"
497    resources: {}
498      # requests:
499      #   memory: "256Mi"
500      #   cpu: "1m"
501      # limits:
502      #   memory: "2Gi"
503      #   cpu: "4"
504
505  gitlab:
506    enabled: false
507    extraEnv:
508      GITLAB_OMNIBUS_CONFIG: |
509        postgresql['shared_buffers'] = "2048MB"
510        postgresql['work_mem'] = "128MB"
511        postgresql['maintenance_work_mem'] = "128MB"
512        postgresql['effective_cache_size'] = "128MB"
513        postgresql['checkpoint_segments'] = 16
514        postgresql['checkpoint_timeout'] = "10min"
515        external_url 'http://gitlab:40080'
516        nginx['listen_port'] = 40080
517        gitlab_rails['initial_root_password'] = "${GITLAB_ROOT_PASSWORD:-}"
518        gitlab_rails['registry_enabled'] = false;
519        gitlab_rails['db_prepared_statements'] = false;
520        gitlab_rails['monitoring_whitelist'] = ['0.0.0.0/0']
521        # gitlab_rails['env'] = {'MALLOC_CONF' => 'dirty_decay_ms:1000,muzzy_decay_ms:1000'}
522        # puma['worker_processes'] = 0
523        prometheus_monitoring['enable'] = false
524        # sidekiq['max_concurrency'] = 10
525        # gitaly['env'] = {'MALLOC_CONF' => 'dirty_decay_ms:1000,muzzy_decay_ms:1000', 'GITALY_COMMAND_SPAWN_MAX_PARALLEL' => '2'}
526      GITLAB_POST_RECONFIGURE_SCRIPT: |
527        while ! curl -sfI -o /dev/null http://localhost:40080/-/readiness;
528        do
529        echo "GitLab service is not ready."
530        sleep 1
531        done
532        echo "GitLab service started normally"
533        curl -Ssf -H "PRIVATE-TOKEN: ${GITLAB_ROOT_TOKEN:-}" "http://localhost:40080/api/v4/version" || (
534          gitlab-rails runner "token = User.find_by_username('root').personal_access_tokens.create(scopes: [:api, :write_repository, :sudo], name: 'exastro system token'); token.set_token('${GITLAB_ROOT_TOKEN:-}'); token.save!"
535        )
536        echo "GitLab post reconfigure script ended."
537    image:
538      repository: "docker.io/gitlab/gitlab-ce"
539      tag: "15.11.13-ce.0"
540      pullPolicy: IfNotPresent
541      # Overrides the image tag whose default is the chart appVersion.
542    persistence:
543      enabled: true
544      volumeName: pv-gitlab
545      accessMode: ReadWriteMany
546      size: 20Gi
547      storageClass: "-" # e.g.) azurefile or - (None)
548      matchLabels:
549        name: pv-gitlab
550      matchExpressions:
551        # - {key: name, operator: In, values: [pv-gitlab]}
552    resources: {}
553      # requests:
554      #   memory: "4Gi"
555      #   cpu: "4"
556      # limits:
557      #   memory: "8Gi"
558      #   cpu: "8"
559    service:
560      type: ClusterIP
561      name: gitlab
562      port: 40080
563      # nodePort: 30082
564
565  mongo:
566    enabled: true
567    image:
568      repository: "docker.io/mongo"
569      pullPolicy: IfNotPresent
570      # Overrides the image tag whose default is the chart appVersion.
571      tag: "6.0"
572    persistence:
573      enabled: true
574      accessMode: ReadWriteOnce
575      size: 20Gi
576      storageClass: "-" # e.g.) azurefile, local-path or - (None)
577      matchLabels:
578        # release: "pv-mongo"
579      matchExpressions:
580        # - {key: name, operator: In, values: [pv-mongo]}
581    dbSetup:
582      dbConfInfo:
583        name: mongo-server-conf-config
584        customCnf: |
585          systemLog:
586            verbosity: 0
587            # destination: file
588            # path: /root/logs/mongod.log
589            timeStampFormat: iso8601-utc
590          # storage:
591          #   directoryPerDB: true
592          #   dbPath: /root/data
593          #   engine: wiredTiger
594          #   wiredTiger:
595          #     engineConfig:
596          #       cacheSizeGB: 1
597          #   journal:
598          #     enabled: true
599          # processManagement:
600          #   fork: true
601          # net:
602          #   port: 27017
603          #   bindIp: 0.0.0.0
604          # security:
605          #   authorization: enabled
606    resources: {}
607      # requests:
608      #   memory: "4Gi"
609      #   cpu: "4"
610      # limits:
611      #   memory: "8Gi"
612      #   cpu: "4"
613    affinity:
614      podAntiAffinity:
615        requiredDuringSchedulingIgnoredDuringExecution:
616        - labelSelector:
617            matchExpressions:
618            - key: name
619              operator: In
620              values:
621              - mongo
622          topologyKey: kubernetes.io/hostname
In the next section, the manual will explain how to set the correct parameters to exastro.yaml needed to install Exastro.

Service publish settings

There are 3 main methods to publish Exastro.

  • Ingress

  • LoadBalancer

  • NodePort

注釈

There are different methods other than the ones introduced in this manual. We recommend that the users uses one that fits their environment.

Parameters

See the following for what parameters can be used.
表 4 Exastro Platform 認証機能のオプションパラメータ

パラメータ

説明

変更

デフォルト値・選択可能な設定値

exastro-platform.platform-auth.extraEnv.EXTERNAL_URL
Exastro Platform エンドポイントの公開URL。
リバースプロキシや PAT(Port Address Transport) などにより、Exastro のエンドポイントと公開時の URL に齟齬が発生することで、サービス接続に失敗する場合に設定をする必要があります。

公開用エンドポイントのURL
(http[s]://your-exastro.domain:port)

exastro-platform.platform-auth.extraEnv.EXTERNAL_URL_MNG
Exastro Platform 管理コンソールのエンドポイントの公開URL。
リバースプロキシや PAT(Port Address Transport) などにより、Exastro のエンドポイントと公開時の URL に齟齬が発生することで、サービス接続に失敗する場合に設定をする必要があります。

公開用エンドポイントのURL
(http[s]://your-exastro.domain:port)

exastro-platform.platform-auth.extraEnv.AUDIT_LOG_ENABLED
監査ログの出力有無。

True (デフォルト): 出力する
False: 出力しない

exastro-platform.platform-auth.extraEnv.AUDIT_LOG_PATH
監査ログのファイル名(ファイルパス)。

exastro-audit.log (デフォルト)

exastro-platform.platform-auth.extraEnv.AUDIT_LOG_FILE_MAX_BYTE
監査ログファイルの最大サイズ(Byte)を指定できます。

100000000 (デフォルト)

exastro-platform.platform-auth.extraEnv.AUDIT_LOG_BACKUP_COUNT
監査ログファイルのバックアップカウント数。
監査ログファイルの最大サイズ(Byte)を超えた際、ファイル名に"."+数値で指定された値の分、バックアップされます。

30 (デフォルト)

exastro-platform.platform-auth.ingress.enabled

Exastro Platform における Ingress 利用の要否

true (デフォルト): Exastro Platform にアクセスするための Ingress Controller をデプロイします。
false : Ingress Controller をデプロイしません。

exastro-platform.platform-auth.ingress.hosts[0].host
Exastro Platform 管理コンソールエンドポイントのホスト名、もしくは、FQDN
別途、DNSへのレコード登録が必要です。

可 (Ingress利用時)

"exastro-suite.example.local"

exastro-platform.platform-auth.ingress.hosts[0].paths[0].path

Exastro Platform 管理コンソールエンドポイントのパスのルール

不可

"/"

exastro-platform.platform-auth.ingress.hosts[0].paths[0].pathType

Exastro Platform 管理コンソールエンドポイントのパスの一致条件

不可

"Prefix"

exastro-platform.platform-auth.ingress.hosts[0].paths[0].backend

Exastro Platform 管理コンソールのサービス名

不可

"http"

exastro-platform.platform-auth.ingress.hosts[1].host
Exastro Platform エンドポイントのホスト名、もしくは、FQDN
別途、DNSへのレコード登録が必要です。

可 (Ingress利用時)

"exastro-suite-mng.example.local"

exastro-platform.platform-auth.ingress.hosts[1].paths[0].path

Exastro Platform エンドポイントのパスのルール

不可

"/"

exastro-platform.platform-auth.ingress.hosts[1].paths[0].pathType

Exastro Platform エンドポイントのパスの一致条件

不可

"Prefix"

exastro-platform.platform-auth.ingress.hosts[1].paths[0].backend

Exastro Platform エンドポイントのエンドポイントのサービス名

不可

"httpMng"

exastro-platform.platform-auth.ingress.tls[0].secretName

Exastro Platform 公開用エンドポイントのSSL/TLS 証明書を保管している Kubernetes シークレット名

可 (Ingress利用時)

任意の文字列

exastro-platform.platform-auth.ingress.tls[0].hosts

Exastro Platform 公開用エンドポイントのSSL/TLSを使用するホスト名、もしくは、FQDN

可 (Ingress利用時)

任意の文字列

exastro-platform.platform-auth.ingress.secrets[0].name

Exastro Platform 公開用エンドポイントのSSL/TLS 証明書を保管する Kubernetes シークレット名

可 (Ingress利用時)

任意の文字列

exastro-platform.platform-auth.ingress.secrets[0].certificate

Exastro Platform 公開用エンドポイントのSSL/TLS 証明書に使用する証明書ファイルの値

可 (Ingress利用時)
証明書ファイルの値の例
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

exastro-platform.platform-auth.ingress.secrets[0].key

Exastro Platform 公開用エンドポイントのSSL/TLS 証明書に使用する鍵ファイルの値

可 (Ingress利用時)
鍵ファイルの値の例
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----

exastro-platform.platform-auth.service.type

Exastro Platform のサービスタイプ

ClusterIP (デフォルト): Ingress Controller を利用する場合などに選択
LoadBalancer : LoadBalancer を利用する場合に選択
NodePort : NodePort を利用する場合に選択

exastro-platform.platform-auth.service.http.nodePort
Exastro Platform のサービス用公開ポート番号

可 (NodePort利用時)

"30080"

exastro-platform.platform-auth.service.httpMng.nodePort
Exastro Platform のシステム管理用公開ポート番号

可 (NodePort利用時)

"30081"

exastro-platform.platform-auth.image.repository

コンテナイメージのリポジトリ名

不可

"docker.io/exastro/exastro-platform-auth"

exastro-platform.platform-auth.image.tag

コンテナイメージのタグ

不可

""

Setting example

This sections displays examples of the settings for publishing the service.

  • Features

The service can be published if Ingress Controller is usable through Public clouds or other means.
This method requires the user to construct a loadBalancer within the cluster and comes with benefits and merits if the user wants to be able to operate it themselves.

  • Setting example

The service is published using DNS by registering the Service domain information to Ingress.
For checking Domain names in Azure, see Azure Kubernetes Service.
Specify the annotations required by the Cloud provider.
The following example uses AKS's Ingress Controller.
リスト 4 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro_ingress_setting.yaml
@@ -377,17 +377,26 @@
   platform-auth:
     extraEnv:
       # Please set the URL to access
-      EXTERNAL_URL: ""
-      EXTERNAL_URL_MNG: ""
+      EXTERNAL_URL: "http://exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
+      EXTERNAL_URL_MNG: "http://exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
     ingress:
       enabled: true
+      annotations:
+        kubernetes.io/ingress.class: addon-http-application-routing
+        nginx.ingress.kubernetes.io/proxy-body-size: "0"
+        nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
+        nginx.ingress.kubernetes.io/proxy-buffer-size: 256k
+        nginx.ingress.kubernetes.io/server-snippet: |
+          client_header_buffer_size 100k;
+          large_client_header_buffers 4 100k;
+
       hosts:
-        - host: exastro-suite.example.local
+        - host: exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
           paths:
             - path: /
               pathType: Prefix
               backend: "http"
-        - host: exastro-suite-mng.example.local
+        - host: exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
           paths:
             - path: /
               pathType: Prefix
※ Make sure to configure max time-out time (seconds) for processes where large amount of files might be uploaded.
リスト 5 ingress - annotations
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
※ If HTTPS connectivity is activated while using Ingress, the following settings must be configured.
リスト 6 exastro.yaml
 platform-auth:
   extraEnv:
     # Please set the URL to access
  -      EXTERNAL_URL: "http://exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
  -      EXTERNAL_URL_MNG: "http://exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
  +      EXTERNAL_URL: "https://exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
  +      EXTERNAL_URL_MNG: "https://exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io"
       ingress:
         enabled: true
         annotations:
           kubernetes.io/ingress.class: addon-http-application-routing
           nginx.ingress.kubernetes.io/proxy-body-size: "0"
           nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
           nginx.ingress.kubernetes.io/proxy-buffer-size: 256k
           nginx.ingress.kubernetes.io/server-snippet: |
             client_header_buffer_size 100k;
             large_client_header_buffers 4 100k;
         hosts:
           - host: exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
             paths:
               - path: /
                 pathType: Prefix
                 backend: "http"
           - host: exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
             paths:
               - path: /
                 pathType: Prefix
                 backend: "httpMng"
  -      tls: []
  +      tls:
  +        - secretName: exastro-suite-tls
  +          hosts:
  +            - exastro-suite.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
  +            - exastro-suite-mng.xxxxxxxxxxxxxxxxxx.japaneast.aksapp.io
  -      secrets: []
  +      secrets:
  +        - name: exastro-suite-tls
  +          certificate: |-
  +            -----BEGIN CERTIFICATE-----
  +            ...
  +            -----END CERTIFICATE-----
  +          key: |-
  +            -----BEGIN PRIVATE KEY-----
  +            ...
  +            -----END PRIVATE KEY-----

App DB user settings

Configure DB users in for applications in Exastro.

Setting example

Configure DB users for each of the following.

  • Exastro IT Automation

  • Exastro platform

  • Keycloak

警告

Authorization information can be all plaintext(Base64 encoding not required).

  1. Configure Exastro IT Automation database

    Configure DB user that will be used and created by applications.
表 16 共通設定 (Exastro IT Automation 用データベース) のオプションパラメータ

パラメータ

説明

変更

デフォルト値・選択可能な設定値

global.itaDatabaseDefinition.name

Exastro IT Automation 用データベースの定義名

不可

"ita-database"

global.itaDatabaseDefinition.enabled

Exastro IT Automation 用データベースの定義の利用有無

不可

true

global.itaDatabaseDefinition.config.DB_VENDOR

Exastro IT Automation 用データベースで使用するデータベース

可 (外部データベース利用時)
"mariadb" (デフォルト): MariaDB を利用
"mysql": MySQL を利用

global.itaDatabaseDefinition.config.DB_HOST
Exastro IT Automation 用データベース利用するDB
デフォルト状態では、同一の Kubernetes クラスタ内にデプロイされるコンテナを指定しています。
クラスタ外部の DB を利用する場合には設定が必要となります。

可 (外部データベース利用時)

"mariadb"

global.itaDatabaseDefinition.config.DB_PORT

Exastro IT Automation 用データベースで利用するポート番号(TCP)

可 (外部データベース利用時)

"3306"

global.itaDatabaseDefinition.config.DB_DATABASE

Exastro IT Automation 用データベースで利用するデータベース名

可 (外部データベース利用時)

"platform"

global.itaDatabaseDefinition.secret.DB_ADMIN_USER

Exastro IT Automation 用データベースで利用する管理権限を持つDBユーザ名

必須

管理権限を持つDBユーザ名

global.itaDatabaseDefinition.secret.DB_ADMIN_PASSWORD

Exastro IT Automation 用データベースで利用する管理権限を持つDBユーザのパスワード(エンコードなし)

必須

管理権限を持つDBユーザ名のパスワード

global.itaDatabaseDefinition.secret.DB_USER
Exastro IT Automation 用データベースに作成するDBユーザ名。
指定した DB ユーザが作成される。

必須

任意の文字列

global.itaDatabaseDefinition.secret.DB_PASSWORD

Exastro IT Automation 用データベースに作成するDBユーザのパスワード(エンコードなし)

必須

任意の文字列
リスト 21 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro_db_user_ita.yaml
@@ -28,8 +28,8 @@
     secret:
       DB_ADMIN_USER: "root"
       DB_ADMIN_PASSWORD: "Ch@ngeMeDBAdm"
-      DB_USER: "ITA_USER"
-      DB_PASSWORD: "Ch@ngeMeITADB"
+      DB_USER: "ita-db-user"                # Exastro IT Automation のアプリが使うDBユーザー
+      DB_PASSWORD: "ita-db-user-password"   # Exastro IT Automation のアプリが使うDBユーザーのパスワード
   pfGlobalDefinition:
     config:
       DEFAULT_LANGUAGE: "ja"

  1. Configure Keycloak database

    Configure DB user that will be used and created by applications.
表 17 共通設定 (Keycloak) のオプションパラメータ

パラメータ

説明

変更

デフォルト値・選択可能な設定値

global.keycloakDefinition.name

Keycloak の定義名

不可

keycloak

global.keycloakDefinition.enabled

Keycloak の定義の利用有無

不可

true

global.keycloakDefinition.config.API_KEYCLOAK_PROTOCOL

Keycloak API エンドポイントのプロトコル

不可

"http”

global.keycloakDefinition.config.API_KEYCLOAK_HOST

Keycloak API エンドポイントのホスト名、もしくは、FQDN

不可

"keycloak"

global.keycloakDefinition.config.API_KEYCLOAK_PORT

Keycloak API エンドポイントのポート番号

不可

"8080"

global.keycloakDefinition.config.KEYCLOAK_PROTOCOL

Keycloak エンドポイントのプロトコル

不可

"http"

global.keycloakDefinition.config.KEYCLOAK_HOST

Keycloak エンドポイントのホスト名、もしくは、FQDN

不可

"keycloak"

global.keycloakDefinition.config.KEYCLOAK_PORT

Keycloak API エンドポイントのポート番号

不可

"8080"

global.keycloakDefinition.config.KEYCLOAK_MASTER_REALM

Keycloak のマスターレルム名

不可

"master"

global.keycloakDefinition.config.KEYCLOAK_DB_DATABASE

Keycloak が利用するデータベース名

不可

"keycloak"

global.keycloakDefinition.secret.SYSTEM_ADMIN
Keycloak のマスターレルムにおける管理権限を持ったユーザ名を指定。
指定した Keycloak ユーザが作成される。
※KEYCLOAK_USER→SYSTEM_ADMINに変更

必須

任意の文字列

global.keycloakDefinition.secret.SYSTEM_ADMIN_PASSWORD
Keycloak のマスターレルムにおける管理権限を持ったユーザに設定するパスワード(エンコードなし)
※KEYCLOAK_PASSWORD→SYSTEM_ADMIN_PASSWORDに変更

必須

任意の文字列

global.keycloakDefinition.secret.KEYCLOAK_DB_USER
Keycloak が使用するデータベースユーザ。
指定した DB ユーザが作成される。

必須

任意の文字列

global.keycloakDefinition.secret.KEYCLOAK_DB_PASSWORD

Keycloak が使用するデータベースユーザのパスワード(エンコードなし)

必須

任意の文字列
リスト 22 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro_db_user_keycloak.yaml
@@ -65,8 +65,8 @@
     secret:
       SYSTEM_ADMIN: "admin"
       SYSTEM_ADMIN_PASSWORD: "Ch@ngeMeKCAdm"
-      KEYCLOAK_DB_USER: "keycloak"
-      KEYCLOAK_DB_PASSWORD: "Ch@ngeMeKCADB"
+      KEYCLOAK_DB_USER: "keycloak-db-user"               # Keycloak が使うDBユーザー
+      KEYCLOAK_DB_PASSWORD: "keycloak-db-user-password"  # Keycloak が使うDBユーザーのパスワード
   gitlabDefinition:
     config:
       GITLAB_PROTOCOL: "http"

  1. Configure Exastro platform database

    Configure DB user that will be used and created by applications.
表 18 共通設定 (Exastro 共通基盤用データベース) のオプションパラメータ

パラメータ

説明

変更

デフォルト値・選択可能な設定値

global.pfDatabaseDefinition.name

認証機能用データベースの定義名

不可

"pf-database"

global.pfDatabaseDefinition.enabled

認証機能用データベースの定義の有効有無

不可

true

global.pfDatabaseDefinition.config.DB_VENDOR

認証機能用データベースで使用するデータベース

可 (外部データベース利用時)
"mariadb" (デフォルト): MariaDB を利用
"mysql": MySQL を利用

global.pfDatabaseDefinition.config.DB_HOST
認証機能用データベース利用するDB
デフォルト状態では、同一の Kubernetes クラスタ内にデプロイされるコンテナを指定しています。
クラスタ外部の DB を利用する場合には設定が必要となります。

可 (外部データベース利用時)

"mariadb"

global.pfDatabaseDefinition.config.DB_PORT

認証機能用データベースで利用するポート番号(TCP)

可 (外部データベース利用時)

"3306"

global.pfDatabaseDefinition.config.DB_DATABASE

認証機能用データベースで利用するデータベース名

可 (外部データベース利用時)

"platform"

global.pfDatabaseDefinition.secret.DB_ADMIN_USER

認証機能用データベースで利用する管理権限を持つDBユーザ名

必須

管理権限を持つDBユーザ名

global.pfDatabaseDefinition.secret.DB_ADMIN_PASSWORD

認証機能用データベースで利用する管理権限を持つDBユーザのパスワード(エンコードなし)

必須

管理権限を持つDBユーザ名のパスワード

global.pfDatabaseDefinition.secret.DB_USER
認証機能用データベースに作成するDBユーザ名。
指定した DB ユーザが作成される。

必須

任意の文字列

global.pfDatabaseDefinition.secret.DB_PASSWORD

認証機能用データベースに作成するDBユーザのパスワード(エンコードなし)

必須

任意の文字列
リスト 23 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro_db_user_pf.yaml
@@ -59,8 +59,8 @@
     secret:
       DB_ADMIN_USER: "root"
       DB_ADMIN_PASSWORD: "Ch@ngeMeDBAdm"
-      DB_USER: "pf-user"
-      DB_PASSWORD: "Ch@ngeMePFDB"
+      DB_USER: "pf-db-user"           # Exastro 共通基盤が使うDBユーザー
+      DB_PASSWORD: "pf-db-password"   # Exastro 共通基盤が使うDBユーザーのパスワード
   keycloakDefinition:
     secret:
       SYSTEM_ADMIN: "admin"

Proxy settings

Configure the following information when running Exastro under a Proxy environment.

Create Exastro system admin

Configure the infomation that will be used to create the Exastro system admin when setting up Keycloak.
表 19 共通設定 (Keycloak) のオプションパラメータ

パラメータ

説明

変更

デフォルト値・選択可能な設定値

global.keycloakDefinition.name

Keycloak の定義名

不可

keycloak

global.keycloakDefinition.enabled

Keycloak の定義の利用有無

不可

true

global.keycloakDefinition.config.API_KEYCLOAK_PROTOCOL

Keycloak API エンドポイントのプロトコル

不可

"http”

global.keycloakDefinition.config.API_KEYCLOAK_HOST

Keycloak API エンドポイントのホスト名、もしくは、FQDN

不可

"keycloak"

global.keycloakDefinition.config.API_KEYCLOAK_PORT

Keycloak API エンドポイントのポート番号

不可

"8080"

global.keycloakDefinition.config.KEYCLOAK_PROTOCOL

Keycloak エンドポイントのプロトコル

不可

"http"

global.keycloakDefinition.config.KEYCLOAK_HOST

Keycloak エンドポイントのホスト名、もしくは、FQDN

不可

"keycloak"

global.keycloakDefinition.config.KEYCLOAK_PORT

Keycloak API エンドポイントのポート番号

不可

"8080"

global.keycloakDefinition.config.KEYCLOAK_MASTER_REALM

Keycloak のマスターレルム名

不可

"master"

global.keycloakDefinition.config.KEYCLOAK_DB_DATABASE

Keycloak が利用するデータベース名

不可

"keycloak"

global.keycloakDefinition.secret.SYSTEM_ADMIN
Keycloak のマスターレルムにおける管理権限を持ったユーザ名を指定。
指定した Keycloak ユーザが作成される。
※KEYCLOAK_USER→SYSTEM_ADMINに変更

必須

任意の文字列

global.keycloakDefinition.secret.SYSTEM_ADMIN_PASSWORD
Keycloak のマスターレルムにおける管理権限を持ったユーザに設定するパスワード(エンコードなし)
※KEYCLOAK_PASSWORD→SYSTEM_ADMIN_PASSWORDに変更

必須

任意の文字列

global.keycloakDefinition.secret.KEYCLOAK_DB_USER
Keycloak が使用するデータベースユーザ。
指定した DB ユーザが作成される。

必須

任意の文字列

global.keycloakDefinition.secret.KEYCLOAK_DB_PASSWORD

Keycloak が使用するデータベースユーザのパスワード(エンコードなし)

必須

任意の文字列
リスト 25 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro_usercreate_system_manager.yaml
@@ -63,8 +63,8 @@
       DB_PASSWORD: "Ch@ngeMePFDB"
   keycloakDefinition:
     secret:
-      SYSTEM_ADMIN: "admin"
-      SYSTEM_ADMIN_PASSWORD: "Ch@ngeMeKCAdm"
+      SYSTEM_ADMIN: "admin"                     # Exastro システムのシステム管理者のユーザー名
+      SYSTEM_ADMIN_PASSWORD: "admin-password"   # Exastro システムのシステム管理者のユーザーパスワード
       KEYCLOAK_DB_USER: "keycloak"
       KEYCLOAK_DB_PASSWORD: "Ch@ngeMeKCADB"
   gitlabDefinition:

Configure Persistent volume

In order to persist databases( for container within clusters) and files, the user will have to configure a persistent volume.
For more information regarding persistent volumes, see Persistent Volumes - Kubernetes.
This document describes 2 persisting methods for the following:

注釈

If outputting monitoring logs to a persistent volume, a persistent volume must be configured.

  • Managed disk

  • Kubernetes note directory


  • Features

Storage construction and maintenance is not required if the user is using a storage service provided by a public cloud.

  • Setting example

If the user is using storage from Azure, the user can persist data by defining StorageClass as shown below.
For more information, see Storage options for applications in Azure Kubernetes Service (AKS).
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: exastro-suite-azurefile-csi-nfs
provisioner: file.csi.azure.com
allowVolumeExpansion: true
parameters:
  protocol: nfs
mountOptions:
  - nconnect=8
caption:

storage-class-exastro-suite.yaml

linenos:

リスト 26 exastro.yaml
  itaGlobalDefinition:
    persistence:
      enabled: true
      accessMode: ReadWriteMany
      size: 10Gi
      volumeType: hostPath # e.g.) hostPath or AKS
-      storageClass: "-" # e.g.) azurefile or - (None)
+      storageClass: "azurefile" # e.g.) azurefile or - (None)
※ The following has been configured in Database link.
リスト 27 exastro.yaml
  databaseDefinition:
    persistence:
      enabled: true
      reinstall: false
      accessMode: ReadWriteOnce
      size: 20Gi
      volumeType: hostPath # e.g.) hostPath or AKS
-      storageClass: "-" # e.g.) azurefile or - (None)
+      storageClass: "exastro-suite-azurefile-csi-nfs" # e.g.) azurefile or - (None)
※ Configure the following in order to output monitoring logs to a persistent volume.
リスト 28 exastro.yaml
  pfAuditLogDefinition:
    name: pf-auditlog
    persistence:
-      enabled: false
+      enabled: true
      reinstall: false
      accessMode: ReadWriteMany
      size: 10Gi
      volumeType: hostPath # e.g.) hostPath or AKS
-      storageClass: "-" # e.g.) azurefile or - (None)
+      storageClass: "exastro-suite-azurefile-csi-nfs" # e.g.) azurefile or - (None)

Install

注釈

If the installation fails, follow Uninstall and try reinstalling.

Create Persistent volumes

Apply the manifest file created in Configure Persistent volume and create persistent volume.
# pv-database.yaml
kubectl apply -f pv-database.yaml

# pv-ita-common.yaml
kubectl apply -f pv-ita-common.yaml

# pv-mongo.yaml ※Not required if not using OASE
kubectl apply -f pv-mongo.yaml

# pv-gitlab.yaml ※Not required if using external GitLab
kubectl apply -f pv-gitlab.yaml

# pv-pf-auditlog.yaml ※Not required 監査ログを永続ボリュームに出力しない場合は設定不要
kubectl apply -f pv-pf-auditlog.yaml

# 確認
kubectl get pv

NAME            CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM                                  STORAGECLASS   REASON   AGE
pv-database     20Gi       RWO            Retain           Available                                                                  6s
pv-gitlab       20Gi       RWX            Retain           Available                                                                  5s
pv-ita-common   10Gi       RWX            Retain           Available                                                                  6s
pv-mongo        20Gi       RWO            Retain           Available   exastro/volume-mongo-storage-mongo-0                           5s

Install

See the exastro-helm site <https://github.com/exastro-suite/exastro-helm> for more information regarding the Helm and Application versions.
表 20 Helm チャートとアプリケーションのバージョン

Chart Version

Exastro Version

Exastro IT Automation

Exastro Platform

リリースシナリオ

1.0.2

2.1.0

2.0.3

1.4.0

Exastro IT Automation Version 2.0 GA リリース

...

...

...

...

...

1.1.x

2.2.x

2.1.x

1.x.0

Exastro IT Automation Version 2.1 GA リリース(予定)
The access method changes depending on which publication method was used during installation.
This section describes the methods for Ingress, LoadBalancer and NodePort.
Follow the steps below and start installing.

  1. Use Helm command to install on Kubernetes environment.

    リスト 32 Command
    helm upgrade exastro exastro/exastro --install \
  --namespace exastro --create-namespace \
  --values exastro.yaml
    リスト 33 Output results
    NAME: exastro
LAST DEPLOYED: Sat Jan 28 15:00:02 2023
NAMESPACE: exastro
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Exastro install completion!

1. Execute the following command and wait until the pod becomes "Running" or "Completed":

  # NOTE: You can also append "-w" to the command or wait until the state changes with "watch command"

  kubectl get pods --namespace exastro

2. Get the ENCRYPT_KEY by running these commands:

  # Exastro IT Automation ENCRYPT_KEY
  kubectl get secret ita-secret-ita-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d

  # Exastro Platform ENCRYPT_KEY
  kubectl get secret platform-secret-pf-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d

  !!! Please save the output ENCRYPT_KEY carefully. !!!

3. Run the following command to get the application URL and go to the URL or go to the displayed URL:
  *************************
  * Service Console       *
  *************************
  http://exastro-suite.example.local/

  *************************
  * Administrator Console *
  *************************
  http://exastro-suite-mng.example.local/auth/


# Note: You can display this note again by executing the following command.
    Use the output results from the last step for the following steps.
  2. Check install status
    コマンドラインから以下のコマンドを入力して、インストール(サービス起動)が完了していることを確認します。
    リスト 34 コマンド
    # Pod の一覧を取得
kubectl get po --namespace exastro
    正常に起動している場合は、ita-migration-xxxplatform-migration-xxxCompleted 、その他すべてが Running となります。
    ※正常に起動するまで数分かかる場合があります。
    リスト 35 出力結果
    NAME                                                      READY   STATUS      RESTARTS   AGE
ita-api-admin-6b8567596d-rgjms                            1/1     Running     0          7h40m
ita-api-oase-receiver-6b74bdff6-zmcrw                     1/1     Running     0          7h40m
ita-api-organization-559d7d8f89-ptphh                     1/1     Running     0          7h40m
ita-by-ansible-execute-5dc444c999-w6gmr                   1/1     Running     0          7h40m
ita-by-ansible-legacy-role-vars-listup-6d8f98895f-bvjgn   1/1     Running     0          7h40m
ita-by-ansible-legacy-vars-listup-6ccd997cf-hvkzq         1/1     Running     0          7h40m
ita-by-ansible-pioneer-vars-listup-6cfcfd4479-8bqst       1/1     Running     0          7h40m
ita-by-ansible-towermaster-sync-6759486f8f-wrbbp          1/1     Running     0          7h40m
ita-by-cicd-for-iac-7b75cc56f5-rrrvg                      1/1     Running     0          7h40m
ita-by-collector-7748d54f59-8j5r2                         1/1     Running     0          7h40m
ita-by-conductor-regularly-779ff79775-xnt29               1/1     Running     0          7h40m
ita-by-conductor-synchronize-5d5485479-5df54              1/1     Running     0          7h40m
ita-by-excel-export-import-6f84f97dcf-hlm4h               1/1     Running     0          7h40m
ita-by-hostgroup-split-59b698f479-cxggd                   1/1     Running     0          7h40m
ita-by-menu-create-796bdc9c75-l79zq                       1/1     Running     0          7h40m
ita-by-menu-export-import-849d796bb5-5mpw2                1/1     Running     0          7h40m
ita-by-oase-conclusion-b484595d7-kssv4                    1/1     Running     0          7h40m
ita-by-terraform-cli-execute-769d874d7-sknn6              1/1     Running     0          7h40m
ita-by-terraform-cli-vars-listup-7f589cdddc-g5xz6         1/1     Running     0          7h40m
ita-by-terraform-cloud-ep-execute-7f8b6d87cc-kfmfv        1/1     Running     0          7h40m
ita-by-terraform-cloud-ep-vars-listup-6cccbd4899-6frcn    1/1     Running     0          7h40m
ita-migration-1-3-6-lydz                                  0/1     Completed   0          7h40m
ita-web-server-b4cd4cdf8-wkx78                            1/1     Running     0          7h40m
keycloak-0                                                1/1     Running     0          7h40m
mariadb-778786f7d-ss4cq                                   1/1     Running     0          7h40m
mongo-0                                                   1/1     Running     0          7h40m
platform-api-ffb78f578-svd5t                              1/1     Running     0          7h40m
platform-auth-75895d784-9hhxw                             1/1     Running     0          7h40m
platform-job-864c47d4f-8vvvq                              1/1     Running     0          7h40m
platform-migration-1-8-0-rjwr                             0/1     Completed   0          7h40m
platform-web-6644884657-dmwp6                             1/1     Running     0          7h40m

  3. Backup encrypt key

    Exastro システムのパスワードや認証情報といった機密情報はすべて暗号化されています。
    必ず、下記で取得した暗号化キーをバックアップして、適切に保管してください。

    危険

    暗号化キーを紛失した場合、バックアップデータからシステムを復旧した際にデータの復号ができなくなります。
    リスト 36 コマンド
    # Exastro IT Automation ENCRYPT_KEY
kubectl get secret ita-secret-ita-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d
    リスト 37 出力結果
    JnIoXzJtPic2MXFqRl1yI1chMj8hWzQrNypmVn41Pk8=
    リスト 38 コマンド
    # Exastro Platform ENCRYPT_KEY
kubectl get secret platform-secret-pf-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d
    リスト 39 出力結果
    bHFZe2VEVVM2PmFeQDMqNG4oZT4lTlglLjJJekxBTHE=

  4. Check connection

    Follow the output results and access the Administrator Console URL.
    The following is an example. Please change the host name with the one set in Service publish settings.
    リスト 40 Output results(Example)
    *************************
* Service Console       *
*************************
http://exastro-suite.example.local/

*************************
* Administrator Console *
*************************
http://exastro-suite-mng.example.local/auth/
    表 21 Connection check URL

    Managment console

    http://exastro-suite-mng.example.local/auth/

Log in to Managment console

If the page belows is displayed, select Administration Console and log in.
administrator-console
The Login ID and password are the KEYCLOAK_USER and KEYCLOAK_PASSWORD registered in create_system_manager.
login
Open the Keycloak managment page.
login
Once logged in, create a Organization.

Update

This section describes how to update the Exastro system.

Update preparation

警告

We recommend that the user follow Data backup/restore and back up the data before updating.

Update Helm repository

Update the Exastro system's Helm repository.
Check the version before updating.
リスト 61 Command
1# Check Repository information
2helm search repo exastro
リスト 62 Run results
1helm search repo exastro
2NAME                            CHART VERSION   APP VERSION     DESCRIPTION
3exastro/exastro                 1.0.0           2.0.3           A Helm chart for Exastro. Exastro is an Open So...
4exastro/exastro-it-automation   1.2.0           2.0.3           A Helm chart for Exastro IT Automation. Exastro...
5exastro/exastro-platform        1.5.0           1.4.0           A Helm chart for Exastro Platform. Exastro Plat...
Update the Helm repository.
リスト 63 Command
1# Update Repository information
2helm repo update
Check that it has been updated to the latest version.
リスト 64 Command
1# Check Repository information
2helm search repo exastro
リスト 65 Run results
1helm search repo exastro
2NAME                            CHART VERSION   APP VERSION     DESCRIPTION
3exastro/exastro                 1.0.1           2.1.0           A Helm chart for Exastro. Exastro is an Open So...
4exastro/exastro-it-automation   1.2.0           2.0.3           A Helm chart for Exastro IT Automation. Exastro...
5exastro/exastro-platform        1.5.0           1.4.0           A Helm chart for Exastro Platform. Exastro Plat...

Check default setting values and update data

Check the updated default values.
Compare the exastro.yaml file pre and post update.
リスト 66 Command
diff -u exastro.yaml <(helm show values exastro/exastro)
リスト 67 Run results
exastro-platform:
  platform-api:
    image:
      repository: "exastro/exastro-platform-api"
       tag: ""

  platform-auth:
+    extraEnv:
+      # Please set the URL to access
+      EXTERNAL_URL: ""
+      EXTERNAL_URL_MNG: ""
    ingress:
      enabled: true
      hosts:
        - host: exastro-suite.example.local
          paths:

Update setting values

警告

Both the username and password must be the same as before updating the system.
After comparing the default setting values, add any desired items and setting values before updating.
If no setting value update is needed, skip this step.
E.g. In the example below, exastro-platform.platform-auth.extraEnv is added, meaning that the corresponding setting items and values in exastro.yaml must be added.
リスト 68 Run results
exastro-platform:
  platform-api:
    image:
      repository: "exastro/exastro-platform-api"
       tag: ""

  platform-auth:
+    extraEnv:
+      # Please set the URL to access
+      EXTERNAL_URL: ""
+      EXTERNAL_URL_MNG: ""
    ingress:
      enabled: true
      hosts:
        - host: exastro-suite.example.local
          paths:

Specify Encryption key

Specify the encryption key backed up in Encrypt key backup.
リスト 69 exastro.yaml
--- /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/exastro.yaml
+++ /home/runner/work/exastro-it-automation-docs/exastro-it-automation-docs/workspace/src/en/2.5/installation/literal_includes/update_exastro.yaml
@@ -8,7 +8,7 @@
       LANGUAGE: "en"
       TZ: "Asia/Tokyo"
     secret:
-      ENCRYPT_KEY: ""
+      ENCRYPT_KEY: "JnIoXzJtPic2MXFqRl1yI1chMj8hWzQrNypmVn41Pk8="
     persistence:
       enabled: true
       accessMode: ReadWriteMany
@@ -36,7 +36,7 @@
       LANGUAGE: "en"
       TZ: "Asia/Tokyo"
     secret:
-      ENCRYPT_KEY: ""
+      ENCRYPT_KEY: "bHFZe2VEVVM2PmFeQDMqNG4oZT4lTlglLjJJekxBTHE="
   pfAuditLogDefinition:
     name: pf-auditlog
     persistence:
@@ -621,3 +621,4 @@
               - mongo
           topologyKey: kubernetes.io/hostname
 
+

Update

警告

If updating from version 2.2.1 or before to 2.3.0 or later, the user must perform Uninstall's Delete persistent volumes and then re-run Install.

危険

Do not run Deleting Persistent data.
Deleting persistent data will delete all data before the update.

Stop service

  1. Pod 起動数の確認

    作業前の Pod 起動数の確認をし、状態を記録します。
    リスト 70 コマンド
    kubectl get deploy,statefulset -o jsonpath='{range .items[*]}{@.metadata.name}:{@.spec.replicas}{"\n"}' -n exastro
    リスト 71 実行結果
    ita-api-admin:1
ita-api-oase-receiver:1
ita-api-organization:1
ita-by-ansible-execute:1
ita-by-ansible-legacy-role-vars-listup:1
ita-by-ansible-legacy-vars-listup:1
ita-by-ansible-pioneer-vars-listup:1
ita-by-ansible-towermaster-sync:1
ita-by-cicd-for-iac:1
ita-by-collector:1
ita-by-conductor-regularly:1
ita-by-conductor-synchronize:1
ita-by-excel-export-import:1
ita-by-hostgroup-split:1
ita-by-menu-create:1
ita-by-menu-export-import:1
ita-by-oase-conclusion:1
ita-by-terraform-cli-execute:1
ita-by-terraform-cli-vars-listup:1
ita-by-terraform-cloud-ep-execute:1
ita-by-terraform-cloud-ep-vars-listup:1
ita-web-server:1
mariadb:1
platform-api:1
platform-auth:1
platform-job:1
platform-web:1
keycloak:1
mongo:1
:
    各Deployment, StatefulSetのサービス名、replicas数が表示されます。

    警告

    バージョンによって、表示されるサービスが異なります。

  2. アプリケーションの停止

    アプリケーション (platform-auth) の Pod 起動数を 0 に変更し、アクセスを制限します。
    リスト 72 コマンド
    kubectl scale deploy,statefulset -n exastro --replicas=0 --all=true
    リスト 73 実行結果
    deployment.apps/ita-api-admin scaled
deployment.apps/ita-api-oase-receiver scaled
deployment.apps/ita-api-organization scaled
deployment.apps/ita-by-ansible-execute scaled
deployment.apps/ita-by-ansible-legacy-role-vars-listup scaled
deployment.apps/ita-by-ansible-legacy-vars-listup scaled
deployment.apps/ita-by-ansible-pioneer-vars-listup scaled
deployment.apps/ita-by-ansible-towermaster-sync scaled
deployment.apps/ita-by-cicd-for-iac scaled
deployment.apps/ita-by-collector scaled
deployment.apps/ita-by-conductor-regularly scaled
deployment.apps/ita-by-conductor-synchronize scaled
deployment.apps/ita-by-excel-export-import scaled
deployment.apps/ita-by-hostgroup-split scaled
deployment.apps/ita-by-menu-create scaled
deployment.apps/ita-by-menu-export-import scaled
deployment.apps/ita-by-oase-conclusion scaled
deployment.apps/ita-by-terraform-cli-execute scaled
deployment.apps/ita-by-terraform-cli-vars-listup scaled
deployment.apps/ita-by-terraform-cloud-ep-execute scaled
deployment.apps/ita-by-terraform-cloud-ep-vars-listup scaled
deployment.apps/ita-web-server scaled
deployment.apps/mariadb scaled
deployment.apps/platform-api scaled
deployment.apps/platform-auth scaled
deployment.apps/platform-job scaled
deployment.apps/platform-web scaled
statefulset.apps/keycloak scaled
statefulset.apps/mongo scaled

    警告

    バージョンによって、表示されるサービスが異なります。

  3. Pod 起動数の確認

    上記で停止した対象の Pod 数が 0 になっていることを確認します。
    リスト 74 コマンド
    kubectl get deploy,statefulset -n exastro
    リスト 75 実行結果
    NAME                                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ita-api-admin                            0/0     0            0           26h
deployment.apps/ita-api-oase-receiver                    0/0     0            0           26h
deployment.apps/ita-api-organization                     0/0     0            0           26h
deployment.apps/ita-by-ansible-execute                   0/0     0            0           26h
deployment.apps/ita-by-ansible-legacy-role-vars-listup   0/0     0            0           26h
deployment.apps/ita-by-ansible-legacy-vars-listup        0/0     0            0           26h
deployment.apps/ita-by-ansible-pioneer-vars-listup       0/0     0            0           26h
deployment.apps/ita-by-ansible-towermaster-sync          0/0     0            0           26h
deployment.apps/ita-by-cicd-for-iac                      0/0     0            0           26h
deployment.apps/ita-by-collector                         0/0     0            0           26h
deployment.apps/ita-by-conductor-regularly               0/0     0            0           26h
deployment.apps/ita-by-conductor-synchronize             0/0     0            0           26h
deployment.apps/ita-by-excel-export-import               0/0     0            0           26h
deployment.apps/ita-by-hostgroup-split                   0/0     0            0           26h
deployment.apps/ita-by-menu-create                       0/0     0            0           26h
deployment.apps/ita-by-menu-export-import                0/0     0            0           26h
deployment.apps/ita-by-oase-conclusion                   0/0     0            0           26h
deployment.apps/ita-by-terraform-cli-execute             0/0     0            0           26h
deployment.apps/ita-by-terraform-cli-vars-listup         0/0     0            0           26h
deployment.apps/ita-by-terraform-cloud-ep-execute        0/0     0            0           26h
deployment.apps/ita-by-terraform-cloud-ep-vars-listup    0/0     0            0           26h
deployment.apps/ita-web-server                           0/0     0            0           26h
deployment.apps/mariadb                                  0/0     0            0           26h
deployment.apps/platform-api                             0/0     0            0           26h
deployment.apps/platform-auth                            0/0     0            0           26h
deployment.apps/platform-job                             0/0     0            0           26h
deployment.apps/platform-web                             0/0     0            0           26h

NAME                        READY   AGE
statefulset.apps/keycloak   0/0     25h
statefulset.apps/mongo      0/0     26h

    警告

    バージョンによって、表示されるサービスが異なります。

Start Update

Start the update.
リスト 76 Command
helm upgrade exastro exastro/exastro --install \
  --namespace exastro --create-namespace \
  --values exastro.yaml
リスト 77 Output results
NAME: exastro
LAST DEPLOYED: Sat Jan 28 15:00:02 2023
NAMESPACE: exastro
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
Exastro install completion!

1. Execute the following command and wait until the pod becomes "Running" or "Completed":

  # NOTE: You can also append "-w" to the command or wait until the state changes with "watch command"

  kubectl get pods --namespace exastro

2. Get the ENCRYPT_KEY by running these commands:

  # Exastro IT Automation ENCRYPT_KEY
  kubectl get secret ita-secret-ita-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d

  # Exastro Platform ENCRYPT_KEY
  kubectl get secret platform-secret-pf-global --namespace exastro -o jsonpath='{.data.ENCRYPT_KEY}' | base64 -d

  !!! Please save the output ENCRYPT_KEY carefully. !!!

3. Run the following command to get the application URL and go to the URL or go to the displayed URL:
  *************************
  * Service Console       *
  *************************
  http://exastro-suite.example.local/

  *************************
  * Administrator Console *
  *************************
  http://exastro-suite-mng.example.local/auth/


  # Note: You can display this note again by executing the following command.

Restart service

※ The replicas specified in exastro.yaml will be re-started. There is therefore no need to restart them manually.

Move on to Confirm Update status..

  1. サービス再開

    サービス停止時に取得した各 Deployment の Pod 起動数を元に戻します。
    リスト 78 コマンド
    kubectl scale deploy,statefulset -n exastro --replicas=1 --all=true
    個別にreplicas数を設定する場合は以下のコマンドで再開します。
    サービス名は、停止時に確認した内容を入力してください。
    リスト 79 コマンド
    kubectl scale deployment [サービス名] -n exastro --replicas=[replicas数]
    Ver.2.4.0以降、サービス名:keycloak、mongodbについては以下のコマンドで再開します。
    リスト 80 コマンド
    kubectl scale statefulset [サービス名] -n exastro --replicas=[replicas数]

    Tip

    サービス名を複数指定する場合は、カンマ区切りで複数のサービス名を指定することができます。

  2. Pod 起動数の確認

    上記で起動した対象の Pod 数が元に戻りすべて READY になっていることを確認します。
    リスト 81 コマンド
    kubectl get deploy,statefulset -n exastro
    リスト 82 実行結果
    NAME                                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ita-api-admin                            1/1     1            1           26h
deployment.apps/ita-api-oase-receiver                    1/1     1            1           26h
deployment.apps/ita-api-organization                     1/1     1            1           26h
deployment.apps/ita-by-ansible-execute                   1/1     1            1           26h
deployment.apps/ita-by-ansible-legacy-role-vars-listup   1/1     1            1           26h
deployment.apps/ita-by-ansible-legacy-vars-listup        1/1     1            1           26h
deployment.apps/ita-by-ansible-pioneer-vars-listup       1/1     1            1           26h
deployment.apps/ita-by-ansible-towermaster-sync          1/1     1            1           26h
deployment.apps/ita-by-cicd-for-iac                      1/1     1            1           26h
deployment.apps/ita-by-collector                         1/1     1            1           26h
deployment.apps/ita-by-conductor-regularly               1/1     1            1           26h
deployment.apps/ita-by-conductor-synchronize             1/1     1            1           26h
deployment.apps/ita-by-excel-export-import               1/1     1            1           26h
deployment.apps/ita-by-hostgroup-split                   1/1     1            1           26h
deployment.apps/ita-by-menu-create                       1/1     1            1           26h
deployment.apps/ita-by-menu-export-import                1/1     1            1           26h
deployment.apps/ita-by-oase-conclusion                   1/1     1            1           26h
deployment.apps/ita-by-terraform-cli-execute             1/1     1            1           26h
deployment.apps/ita-by-terraform-cli-vars-listup         1/1     1            1           26h
deployment.apps/ita-by-terraform-cloud-ep-execute        1/1     1            1           26h
deployment.apps/ita-by-terraform-cloud-ep-vars-listup    1/1     1            1           26h
deployment.apps/ita-web-server                           1/1     1            1           26h
deployment.apps/mariadb                                  1/1     1            1           26h
deployment.apps/platform-api                             1/1     1            1           26h
deployment.apps/platform-auth                            1/1     1            1           26h
deployment.apps/platform-job                             1/1     1            1           26h
deployment.apps/platform-web                             1/1     1            1           26h

NAME                        READY   AGE
statefulset.apps/keycloak   1/1     26h
statefulset.apps/mongo      1/1     26h

    警告

    バージョンによって、表示されるサービスが異なります。

Confirm Update status.

コマンドラインから以下のコマンドを入力して、インストール(サービス起動)が完了していることを確認します。
リスト 83 コマンド
# Pod の一覧を取得
kubectl get po --namespace exastro
正常に起動している場合は、ita-migration-xxxplatform-migration-xxxCompleted 、その他すべてが Running となります。
※正常に起動するまで数分かかる場合があります。
リスト 84 出力結果
NAME                                                      READY   STATUS      RESTARTS   AGE
ita-api-admin-6b8567596d-rgjms                            1/1     Running     0          7h40m
ita-api-oase-receiver-6b74bdff6-zmcrw                     1/1     Running     0          7h40m
ita-api-organization-559d7d8f89-ptphh                     1/1     Running     0          7h40m
ita-by-ansible-execute-5dc444c999-w6gmr                   1/1     Running     0          7h40m
ita-by-ansible-legacy-role-vars-listup-6d8f98895f-bvjgn   1/1     Running     0          7h40m
ita-by-ansible-legacy-vars-listup-6ccd997cf-hvkzq         1/1     Running     0          7h40m
ita-by-ansible-pioneer-vars-listup-6cfcfd4479-8bqst       1/1     Running     0          7h40m
ita-by-ansible-towermaster-sync-6759486f8f-wrbbp          1/1     Running     0          7h40m
ita-by-cicd-for-iac-7b75cc56f5-rrrvg                      1/1     Running     0          7h40m
ita-by-collector-7748d54f59-8j5r2                         1/1     Running     0          7h40m
ita-by-conductor-regularly-779ff79775-xnt29               1/1     Running     0          7h40m
ita-by-conductor-synchronize-5d5485479-5df54              1/1     Running     0          7h40m
ita-by-excel-export-import-6f84f97dcf-hlm4h               1/1     Running     0          7h40m
ita-by-hostgroup-split-59b698f479-cxggd                   1/1     Running     0          7h40m
ita-by-menu-create-796bdc9c75-l79zq                       1/1     Running     0          7h40m
ita-by-menu-export-import-849d796bb5-5mpw2                1/1     Running     0          7h40m
ita-by-oase-conclusion-b484595d7-kssv4                    1/1     Running     0          7h40m
ita-by-terraform-cli-execute-769d874d7-sknn6              1/1     Running     0          7h40m
ita-by-terraform-cli-vars-listup-7f589cdddc-g5xz6         1/1     Running     0          7h40m
ita-by-terraform-cloud-ep-execute-7f8b6d87cc-kfmfv        1/1     Running     0          7h40m
ita-by-terraform-cloud-ep-vars-listup-6cccbd4899-6frcn    1/1     Running     0          7h40m
ita-migration-1-3-6-lydz                                  0/1     Completed   0          7h40m
ita-web-server-b4cd4cdf8-wkx78                            1/1     Running     0          7h40m
keycloak-0                                                1/1     Running     0          7h40m
mariadb-778786f7d-ss4cq                                   1/1     Running     0          7h40m
mongo-0                                                   1/1     Running     0          7h40m
platform-api-ffb78f578-svd5t                              1/1     Running     0          7h40m
platform-auth-75895d784-9hhxw                             1/1     Running     0          7h40m
platform-job-864c47d4f-8vvvq                              1/1     Running     0          7h40m
platform-migration-1-8-0-rjwr                             0/1     Completed   0          7h40m
platform-web-6644884657-dmwp6                             1/1     Running     0          7h40m

Uninstall

This section explains how to uninstall Exastro.

Uninstall preparation

警告

We recommend that the user follow Data backup/restore and back up the data before uninstalling.

Uninstall

Start Uninstall

Start the uninstall process.
リスト 85 Command
helm uninstall exastro --namespace exastro
リスト 86 Output results
release "exastro" uninstalled

Delete persistent volumes

This section describes how to delete data if a persistent volume(PV) has been created on Kubernetes using hostPath.
If using external databases (managed databases included), make sure to delete environmental data as well.
For Databases
リスト 87 Command
kubectl delete pv pv-database
リスト 88 Execution results
persistentvolume "pv-database" deleted
For Files
リスト 89 Command
kubectl delete pv pv-ita-common
リスト 90 Execution results
persistentvolume "pv-ita-common" deleted
For OASE
リスト 91 Command
kubectl delete pv pv-mongo
リスト 92 Execution results
persistentvolume "pv-mongo" deleted
リスト 93 Command
kubectl delete pvc volume-mongo-storage-mongo-0 --namespace exastro
リスト 94 Execution results
persistentvolumeclaim "volume-mongo-storage-mongo-0" deleted
For GitLab
リスト 95 Command
kubectl delete pv pv-gitlab
リスト 96 Execution results
persistentvolume "pv-gitlab" deleted
For Monitoring log files
リスト 97 Command
kubectl delete pv pv-auditlog
リスト 98 Execution results
persistentvolume "pv-auditlog" deleted

Deleting Persistent data

Log in to the Kubernetes Control node and delete the data.
For Databases
The following command is an example where the hostPath is specified to /var/data/exastro-suite/exastro-platform/database when the Persistent Volume was created.
リスト 99 Command
# Log in to control node that has persistent data
ssh user@contol.node.example

# Delete persistent data
sudo rm -rf /var/data/exastro-suite/exastro-platform/database

For Files

The following command is an example where the hostPath is specified to /var/data/exastro-suite/exastro-it-automation/ita-common when the Persistent Volume was created.
リスト 100 Command
# Log in to control node that has persistent data
ssh user@contol.node.example

# Delete persistent data
sudo rm -rf /var/data/exastro-suite/exastro-it-automation/ita-common
For OASE
The following command is an example where the hostPath is specified to /var/data/exastro-suite/exastro-platform/mongo when the Persistent Volume was created.
リスト 101 Command
# Log in to control node that has persistent data
ssh user@contol.node.example

# Delete persistent data
sudo rm -rf /var/data/exastro-suite/exastro-platform/mongo
For GitLab
The following command is an example where the hostPath is specified to /var/data/exastro-suite/exastro-platform/gitlab when the Persistent Volume was created.
リスト 102 Command
# Log in to control node that has persistent data
ssh user@contol.node.example

# Delete persistent data
sudo rm -rf /var/data/exastro-suite/exastro-platform/gitlab
For Monitoring log files
The following command is an example where the hostPath is specified to /var/log/exastro when the Persistent Volume was created.
リスト 103 Command
# Log in to control node that has persistent data
ssh user@contol.node.example

# Delete persistent data
sudo rm -rf /var/log/exastro