Installing Zetaris on Redhat Openshift

Pre-requisites:
Please prepare all secret, config, and key files. Contact the Zetaris team to obtain these files.
  1. Introduction
    1. Overview
      This guide provides detailed instruction on how to install Zetaris software on Red Hat OpenShift.
    2. How to Use this Guide
      1. Introduction explains the purpose of the document along with its structure and defines the audience.
      2. Installation Prerequisites list all the prerequisites to plan an installation in your environment.
      3. Installation Instructions provides the installation procedure.
    3. References
      Setting up spark workloads on Openshift 
      https://cloud.redhat.com/blog/getting-started-running-spark-workloads-on-openshift
    4. Zetaris Support
      We are committed to providing the highest level of support to Zetaris users. If you encounter any issue or need assistance with the installation, or suggest improvements, please contact our support team.
  2. Installation Prerequisites
    For installing Zetaris software we need to have the following components running:

    Component Requirement
     Red Hat OpenShift 

    OpenShift version 4.10.40 with kubeadmin level access.

    oc command line tool

    Required to execute command on Red Hat OpenShift cluster

    Docker Hub access

    Access to Zetaris docker hub can be given by Zetaris Sys admin

     Postgres 

    Zetaris 2.3.3.0 requires Postgres for it’s internal function

    Zetaris GUI, API, Backend docker images

    Actual Zetaris docker images for installation

     

  3. Setup the ‘namespace’ and ‘serviceaccount’
    1. Login to Red Hat OpenShift cluster using kubeadmin credentials from oc command line tool.
    2. Create a new project using
      oc new-project zetaris
    3. Create service account for all pods to run with appropriate level of access. Use this command 
      oc create sa zetaris-sa-scc-anyuid -n zetaris
    4. Add the service account in the anyuid scc. Use this command.
      oc adm policy add-scc-to-user anyuid -z zetaris-sa-scc-anyuid -n zetaris
    5. Add the service account and policy to the project. Use the following command
      kubectl create clusterrolebinding spark-role --clusterrole=edit --serviceaccount=zetaris:zetaris-sa-scc-anyuid --namespace=zetaris
  4. Postgres Installation

    Please install Postgres external to Red Hat OpenShift cluster. Also please ensure that Red Hat OpenShift cluster can have access to this Postgres instance.

    1. Install PostgreSQL  on CentOS 
      sudo yum install postgresql-13-server postgresql-contrib
    2.  Initialise the database
      sudo postgresql-setup initdb
    3. Start the database
      sudo systemctl start postgresql
    4. PostgreSQL basic setup

      1. Change user to postgres
        su – postgres
      2. Login to database
        psql
      3. Set new password for default user “postgres”
        ALTER USER postgres WITH PASSWORD 'NewPassword';
    5. Open terminal and run;
      psql
    6. Create user rds_admin and make this user database admin. Please keep a note of its password as it is required for connecting to database.
      create role rds_admin superuser login password 'password';
    7. Create database metastore using,
      create database metastore;
    8. Create database audit_log using,
      create database audit_log;
    9. Grant all privileges on database metastore using,
      grant all privileges on database metastore to rds_admin;
    10. Grant all privileges on database audit_log using,
      grant all privileges on database audit_log to rds_admin;
  5. Install the Spark Operator
    1. Add the spark operator repo;
      helm repo add spark-operator https://googlecloudplatform.github.io/spark-on-k8s-operator
    2. Install the spark operator;
      helm install spark-operator spark-operator/spark-operator --namespace spark-operator --create-namespace --set webhook.enable=true --set resourceQuotaEnforcement.enable=true
  6. Create the secrets
    1. Apply the secrets manifests yaml;
      oc apply -f zetaris-manifests-secrets.yaml
    2. Create secret lightning-password-security-encryption-secret in project Zetaris using following key and values. In our setup we have used Red Hat OpenShift GUI Console to do this.
      Key Value
      private_key.der private_key.der file provided by Zetaris
      pubic_key.der public_key.der file provided by Zetaris
  7. Create the config maps
    Apply the configmaps manifests yaml;
    oc apply -f zetaris-manifests-configmaps.yaml
  8. Create the deployments
    Apply the deployments manifests yaml;
    oc apply -f zetaris-manifests-deployments.yaml
  9. Create the services
    Apply the services manifests yaml;
    oc apply -f zetaris-manifests-svcs.yaml
  10. Create the routes
    Apply the routes manifests yaml;
    oc apply -f zetaris-manifests-routes.yaml
  11. Install Solr
    1. Pull the solr helm chart
      helm pull registry-1.docker.io/zetaris/solr
    2. Run the helm chart as below:
      helm upgrade -i --create-namespace -n zetaris solr -f values.yaml

      Here is the explanation of the helm value attributes found in values.yaml:
      Registrysecretname – The secret that holds the auth creds for zetaris’ dockerhub account so that K8s can pull the solr image.
      Sslname – The name of LetsEncrypt Issuer.
      Emailaddress – Any relevant email address. This is needed by the Issuer.
      If you don’t understand any other attribute, just leave the values the way it is or replace it with blank.

  12. Install Airflow
    1. Install official airflow image
      To install airflow, add the official airflow helm charts to your help repo:
      helm repo add apache-airflow https://airflow.apache.org

      Modify the airflowvalues.yaml file :

      1. You can specify some environment variables for airflow from this values file.

      2. It is recommended to add your Zetaris user credentials and JDBC IP to take advantage of your airflow environment.

      3. You can also add credentials for notification emails.

      4. If you don’t have these information now, you will be able to set them in airflow UI.

      5. Make sure you specify the PostgreSQL server for your airflow to have persistent storage.

      6. You can then deploy airflow using :
        helm upgrade --install airflow apache-airflow/airflow -f ./path/to/your/airflowvalues.yaml --namespace airflow --create-namespace
    2. Install service for airflow

      After installing airflow, you will need to create a service to redirect to airflow.

      1. Retrieve the helm template here HelmDeployment/airflow-ing/azure at main · zetaris/HelmDeployment (github.com).

      2. Modify the values file to have your persistent volume configured for airflow Dags, and run the helm install command to create the PV and the service:
        helm upgrade -i --create-namespace -n airflow airflow-ing -f airflow-ing/aws/eks-load-testing-cluster.airflow.values.yaml airflow-ing/aws
      3. Once done, specify the airflow apache URL in the lightning-gui deployment as an environment variable so that it appears in the UI.

      4. Run kubectl edit deployment lightning-gui -n zetaris and add the following variable if not already existing:
             containers:

                env:

                    - name: APACHE_AIRFLOW_URL

                    value: https://airflow..
      5. Airflow will then be accessible directly from Zetaris UI, or airflow.#{deploymentname}#.#{dnsdomain}#.

  13. Final deployment should contain running pods as shown below;
    Picture1-3
  14. Create Lightning user account
    1. Login to ‘lightning-server-driver’ pod
    2. Run the dev-account.sh script
      /home/zetaris/lightning/bin/dev-account.sh
  15. Launch Zetaris
    1. Please Open browser window (preferably chrome) from any computer that is connected to VM and can access the machine on which Zetaris is installed.
    2. Use URL from route created earlier (e.g. http://zetaris-zetaris.apps.zetaris.iac.ssc) to launch Zetaris from browser window.
      Picture2-1
    3. Please enter user email: dev@account.com
    4. Please enter the password: password
    5. This should log you in. and see Zetaris front end.