Pro Installation
Prerequisite
Cert Manager
DCS RESTful server depends on cert-manager ↗ to issue certificates.
You’ve probably been using cert-manager. If so, you can skip this section.
cert-manager is a powerful and extensible X.509 certificate controller for Kubernetes and OpenShift workloads. It will obtain certificates from a variety of Issuers, both popular public Issuers as well as private Issuers, and ensure the certificates are valid and up-to-date, and will attempt to renew certificates at a configured time before expiry.
Trust Manager
DCS RESTful server depends on trust-manager ↗ for trusted CAs for validating certificates during TLS handshakes.
You’ve probably been using trust-manager. If so, you can skip this section.
trust-manager is designed to complement cert-manager and works well when consuming CA certificates from a cert-manager Issuer or ClusterIssuer.
Installation/Upgrade
Download a Release
In every release, there’re several docker images and one helm chart.
e.g.
DCS Pro v1.0.0:
dcs-pro-1.0.0-amd64.tar # docker image of arch amd64
dcs-pro-1.0.0-arm64.tar # docker image of arch arm64
dcs-pro-1.0.0.tgz # helm chartUpload Docker Image
Choose a docker images which matches your arch, and upload the docker image to your image registry server.
If none image matches your arch, please contact us, We’ll build a docker image for that arch and add it to the release.
Install for the First Time
helm install dcs <path-to-helm-chart> --set namespace=<namespace>,image=<path-to-docker-image>,tz=<time-zone>,cert.issuer.name=<issuer>,cert.issuer.kind=<issuer-kind>,trustedCAs.name=<trusted-cas-name>,trustedCAs.key=<trusted-cas-key>,licenseSubject=<license-subject> --set-file license=<path-to-license>e.g.
helm install dcs dcs-pro-1.0.0.tgz --set namespace=default,image=registry-address/dcs-pro:1.0.0-amd64,tz=America/New_York,cert.issuer.name=issuer,cert.issuer.kind=ClusterIssuer,trustedCAs.name=trusted-cas,trustedCAs.key=cas,licenseSubject=your-company --set-file license=your-company.dcs-pro.licenseUpgrade to a New Version
DCS is backward compatible, so you can seamlessly upgrade to a New Version.
# mostly the same as installation, except the subcommand install is replaced with upgrade
helm upgrade dcs <path-to-helm-chart> ...e.g.
helm upgrade dcs dcs-pro-1.1.0.tgz ...Because helm upgrade doesn’t update CRDs, please execute the following to update CRDs.
tar -zxvf <path-to-helm-chart> -C /tmp dcs-pro/crds
kubectl apply -f /tmp/dcs-pro/crds
rm -rf /tmp/dcs-proComplete List of Options
As follows is the complete list of options of installation and upgrade.
| Required | Option | Default Value | Meaning |
|---|---|---|---|
| namespace | default | The namespace where to install/upgrade DCS | |
| ✓ | image | Path to docker image of DCS | |
| tz | UTC | Local time zone in containers of DCS | |
| lease | 15s | Lease duration, used in leader election | |
| restPort | 1058 | RESTful server port | |
| maxConReq | Max number of concurrent requests to the RESTful server. Default to no limit. | ||
| cert.duration | Duration (i.e. lifetime) of Certificate. Default to 90 days as per cert-manager doc. | ||
| cert.renewBefore | How long before expiry a certificate should be renewed. Default to 1⁄3 of cert.duration as per cert-manager doc. | ||
| ✓ | cert.issuer.kind | Kind of cert-manager issuer. Valid values are ClusterIssuer, Issuer. | |
| ✓ | cert.issuer.name | Name of cert-manager issuer. | |
| trustedCAs.kind | ConfigMap | Kind of trust-manager Bundle target. Valid values are ConfigMap, Secret. | |
| ✓ | trustedCAs.name | Name of trust-manager Bundle target | |
| ✓ | trustedCAs.key | Key of trust-manager Bundle target | |
| resource.mem.request | Memory request of a container of DCS | ||
| resource.mem.limit | Memory limit of a container of DCS | ||
| resource.cpu.request | CPU request of a container of DCS | ||
| resource.cpu.limit | CPU limit of a container of DCS | ||
| ✓ | licenseSubject | License subject, usually the name of your company | |
| ✓ | license | Path to license. License subject and license file will be sent to you once you purchase a commercial license. | |
| log.fileSize | 10 | Max size in MB of a log file. If a file exceeds this size, the file will be rotated. | |
| log.baks | 2 | Max number of old log files. Older files will be removed. |
- For all duration options, the format is defined by Go time.ParseDuration ↗ .
- For all cert-manager options (i.e. cert.*), see also cert-manager API doc ↗ .
- For all trust-manager options (i.e. trustedCAs.*), see also trust-manager doc ↗ .
Log Aggregation
You’ve probably been using a log aggregation system for gathering, querying and displaying logs.
If not, try Loki
↗
.