Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add basic Kubernetes installation documentation #220

Draft
wants to merge 16 commits into
base: master
Choose a base branch
from

Conversation

jason-seqera
Copy link
Contributor

@jason-seqera jason-seqera commented Sep 12, 2024

Preview URL: https://deploy-preview-220--seqera-docs.netlify.app/platform/24.1/enterprise/kubernetes-minimal-install

The goal of this project is the improvement of the existing installation documentation. In particular, provide installation documentation for Kubernetes that is vastly simplified, providing the user with a turnkey working Kubernetes installation on any Kubernetes cluster, without any cloud provider specific requirements or configuration initially. This also works locally on Docker Desktop K8s.

This gives the user an immediately functional installation. Then we can build on this with Seqera recommended reference installations that cover best practice for ingress configuration, Redis and MySQL SaaS service integration, external SMTP server integration, custom TLS certificates for NF launcher, and so on.

For clarity, configuration files are functional minimums, without any extraneous fields. Any commands run include output and examples where ever possible, along with validation and confirmation steps.

@jason-seqera jason-seqera self-assigned this Sep 12, 2024
Copy link

netlify bot commented Sep 12, 2024

Deploy Preview for seqera-docs ready!

Name Link
🔨 Latest commit dc8d558
🔍 Latest deploy log https://app.netlify.com/sites/seqera-docs/deploys/66fc23625994f80008bee793
😎 Deploy Preview https://deploy-preview-220--seqera-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@jason-seqera
Copy link
Contributor Author

@gavinelder, this is an initial pass based on my interpretation of your suggestions.


The following prerequisites are required to deploy Seqera on a Kubernetes cluster.

- A Kubernetes cluster version 1.30.2 or newer
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We currently run 1.28 in our environments , pinning to a version may result in this doc being dated.

What about - A Kubernetes cluster running a supported version

Copy link
Contributor

@gavinelder gavinelder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Completed an initial first-pass , will go through it in more detail shortly.

@gwright99 may also make a good reviewer for this content.

Comment on lines +8 to +9
This installation guide describes how to install Seqera Platform on a Kubernetes cluster.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potentially expand on this and explain what the outcomes will be.

This installation guide describes how to install Seqera Platform on a Kubernetes cluster, at the end of the guide you will have a version of the platform running be able to log in etc.

Comment on lines 47 to 60
Seqera Enterprise is distributed as a collection of Docker containers available through the Seqera container registry [`cr.seqera.io`](https://cr.seqera.io). Contact [support](https://support.seqera.io) to get your container access credentials. After you've received your credentials, grant your cluster access to the registry:

1. Retrieve the `name` and `secret` values from the JSON file that you received from Seqera support.

1. Create a [secret][kubectl-secret] for the image pull secret:

```
kubectl create secret docker-registry cr.seqera.io \
--docker-server=cr.seqera.io \
--docker-username='<name>' \
--docker-password='<secret>'
```

The credential `name` contains a dollar `$` character. Wrap the name in single quotes to prevent the Linux shell from interpreting this value as an environment variable.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

General comment there is a potential here to do an advanced admin guide and make a recommendation to download and host a copy of the containers yourself which removes a dependancy on us and makes their platform more resilient and also removes the need for this secret to be maintained if they're using AWS ECR for example.

Comment on lines 108 to 113
<summary>View command output</summary>
```
NAME STATUS
pull-test Succeeded
```
</details>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a section to clean up and delete the pod once they have carried out this step ?

What should they do if they see ErrImagePull ?

Configure the following environment variables. For more information about Seqera configuration options, see [Configuration overview](./configuration/overview.mdx).

:::tip
The `configmap.yml` manifest includes both the `tower.env` and `tower.yml` files. These files are made available to the other containers through volume mounts.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this important is there a distinction between the two ?

Would it be better to say something like "To simplify management of configuration we will use the same configmap for all seqera resources such as tower etc ?

Is this an opertunity to move away from the word tower and make it platform ?


## 3. Configure Seqera Platform

Configure the following environment variables. For more information about Seqera configuration options, see [Configuration overview](./configuration/overview.mdx).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like this section is missing a why section.

Seqera Services take their configuration for items such as what database to use from environment variables passed at runtime, to simplify this deployment we use a config-map which we will create in this step you can find out more about this in the configuration overview for example.


## Next steps

- Configure OpenID Connect (OIDC) for seamless integration with your identify provider
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Configure OpenID Connect (OIDC) for seamless integration with your identify provider
- Configure OpenID Connect (OIDC) for seamless integration with your identity provider

What about Configure identity providers for seamless single sign-on we support more than OIDC AFAIK.


- Configure OpenID Connect (OIDC) for seamless integration with your identify provider
- Configure ingress for your public cloud provider for load balancing and TLS termination
- Configure access to your organization's email server
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Configure access to your organization's email server
- Configure Seqera platform to send email notifications

Rationalle for the change is they may not connect to the org's email server they may use a third-party service, this is more broad wording.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants