search
Home

Cloud Specific Details

Cloud vendor specific tool installations and environment variables are required at certain steps based on your deployment path

hashtag
Prerequisites

hashtag
Provision Enabling Systems

For quick deployment, mainly for development and testing purposes, you may wish to use cloud marketplaces, managed providers or Rierino playbooks for enabling systems:

LogoAWS Marketplace: MongoDB(R) VM packaged by Bitnamiaws.amazon.comchevron-right
MongoDB

For this MongoDB package, configuration updates and restart details can be found from the vendor sitearrow-up-right.

LogoAWS Marketplace: Bitnami package for Apache Kafkaaws.amazon.comchevron-right
Kafka
https://aws.amazon.com/marketplace/pp/prodview-5bryl7uliw4euaws.amazon.comchevron-right
Keycloak
circle-info

If you will be using Keycloak with http for development / testing purposes, you may need to open up the port on local firewall (e.g. sudo ufw allow 8080/tcp) and set "Require SSL" option to false on master realm.

LogoAWS Marketplace: Bitnami Elasticsearch Stackaws.amazon.comchevron-right
Elasticsearch

hashtag
Set-up Initial Deployment Host

Ansible playbooks require access to VM inventory as well as kubernetes cluster from initial deployment host, which requires installation of certain collections and tools:

LogoInstalling or updating to the latest version of the AWS CLI - AWS Command Line InterfaceAWS Command Line Interfacechevron-right
AWS CLI Installation

Set-up environment variables used by Ansible and AWS tools:

circle-info

If you are using WSL for initial deployment and receive error on valid AWS credentials, your instance's time may be out of sync with Amazon servers.

You may use a command such as sudo hwclock -s for synchronization.

circle-exclamation

As a best practice, it is recommended not to use AWS account root user credentials for these environment variables which are used during deployment.

hashtag
Provision a Kubernetes Cluster

circle-exclamation

Note that for AWS installations, you may need to manually update kubeconfig file contents output from "terraform apply" step, setting authentication apiVersion to "v1beta1" if you are receiving "invalid apiVersion client.authentication.k8s.io/v1alpha1"error.

This is due to a compatibility bug between AWS CLI and recent helm/kubectl versions.

It is possible to deploy Rierino platform on any AWS region that has EKS and ELB availability. For the latest list of regions supported for these services, please refer to AWS availability listingarrow-up-right.

hashtag
AWS

hashtag
Configure Network Connectivity

You can use security groups for configuring connectivity between kubernetes cluster and enabling systems (such as one group allowing ingress from all sources within the group and another granting access to static admin IPs).

LogoControl traffic to your AWS resources using security groups - Amazon Virtual Private CloudAmazon Virtual Private Cloudchevron-right
Amazon Security Groups

You can issue SSL certificates using ACM for your domain.

LogoCertificate Manager- AWS Certificate Manager - AWSAmazon Web Services, Inc.chevron-right
AWS Certificate Manager

You can reserve static IPs to assign them to external facing load balancers.

LogoElastic IP addresses - Amazon Elastic Compute CloudAmazon Elastic Compute Cloudchevron-right
Amazon Elastic IPs

You can map your static IPs to DNS records.

LogoDNS Service - Amazon Route 53 - AWSAmazon Web Services, Inc.chevron-right
Amazon Route 53

hashtag
Deployments

hashtag
Load Balancer Variables

For ansible-playbook deployments including external facing load balancers (admin gateway and admin UI), include the following variables for static IP and certificate assignments:

Variable
Definition
Default

awsACMARN

ARN for ACM certificate (if certificate is used)

-

awsLBSubnets

List of subnets on which static IPs shall be assigned (if static ip is used)

-

PreviousAlternative 2: Ansible - Step-by-StepNextSandbox VM Deployment

Last updated