water-analytics-cluster

This umbrella helm chart deploys a virtualized cluster environment in Kubernetes for the analytics platform of the WaterGridSense 4.0 project. The deployable subcharts include: Apache Cassandra, Apache Flink, Grafana, Apache Kafka, Prometheus, Persistent Volume Provisioner, RabbitMQ, Redis, and Zookeeper.

Using the helm charts

Configuration

Charts are deployed using Helm. Configure which charts to deploy in the global values.yaml by setting enabled: true for each desired technology. Cluster sizes and ports for external access can also be specified here.

Each subchart can be deployed by itself and contains its own values.yaml file with further configuration. If deployed from the umbrella chart, values in the global values.yaml will overwrite the values in the subchart's values.yaml.

Using the helm charts

Deploy the charts with:

helm install [DEPLOYMENT NAME] [CHART / ROOT DIRECTORY] -n [NAMESPACE]

Note: when using helm v3, the namespace must already exist.

Uninstall the charts with:

helm uninstall [DEPLOYMENT NAME]

RabbitMQ

RabbitMQ is an open source message broker that supports a range of protocols, including MQTT.

RabbitMQ can be accessed from outside the Kubernetes cluster using the following credentials:

user: user
pass: [password]
host: [any node ip in the kubernetes cluster]

Ports can be set in the global values.yaml file and must not already be in use:

amqp:     30672
amqp/ssl: 30671
mqtt:     31672
mqtt/ssl: 31671

For security reasons, the password for the default user is randomly generated at deployment. To view the password, run the following command inside the cluster:

echo "Password: $(kubectl get secret --namespace [namespace] rabbitmq -o jsonpath="{.data.rabbitmq-password}" | base64 --decode)"

Additional users and permissions can be added using the rabbitmqctl command line tool, executed directly from a rabbitmq pod:

kubectl exec rabbitmq-0 -- rabbitmqctl add_user "username" "password"
kubectl exec rabbitmq-0 -- rabbitmqctl set_permissions -p "/" "username" ".*" ".*" ".*"

The three ".*" patterns grant configure, write and read permissions on every resource in the "/" virtual host; use narrower patterns for users that need less. The new users should be replicated across all nodes in the cluster.

By default, message queues are not replicated across all nodes. To enable replication across all nodes, run:

kubectl exec rabbitmq-0 -- rabbitmqctl set_policy ha-all "^ha\." '{"ha-mode":"all"}'

To enable TLS support, use the RabbitMQ documentation to generate the certificates. Encryption can be enabled in the global values.yaml file by setting tls.enabled: true and providing, in tls.exisitingSecret, the name of the Kubernetes secret that contains the generated certificates.

To create the secret in Kubernetes, update the paths to the certificates and run:

kubectl create secret generic rabbitmq-certificates --from-file=./ca.crt --from-file=./tls.crt --from-file=./tls.key
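
The secret command above expects three files named ca.crt, tls.crt and tls.key. As an added example (not part of this chart or of the RabbitMQ documentation), one way to produce and sanity-check those files with openssl before creating the secret; the CA name, key size, validity period and DNS names are assumptions:

```shell
#!/bin/sh
# Added example (not the chart's own code): private CA plus RabbitMQ server
# certificate, written as ca.crt, tls.crt and tls.key.
# Assumed values: CA name, RSA-2048 keys, 365-day validity, caller's DNS names.

# make_rabbitmq_certs OUT_DIR DNS_NAME [DNS_NAME...]
make_rabbitmq_certs() (
    out=$1; shift
    [ $# -ge 1 ] || { echo "usage: make_rabbitmq_certs DIR DNS_NAME..." >&2; exit 2; }
    cn=$1; san=""
    for name in "$@"; do san="${san:+$san,}DNS:$name"; done
    umask 077                      # keys are created readable by the owner only
    mkdir -p "$out" || exit 1
    cnf="$out/openssl.cnf"
    cat > "$cnf" <<EOF || exit 1
[req]
distinguished_name = dn
prompt = no
[dn]
CN = $cn
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = $san
EOF
    # CA key and self-signed CA certificate.
    openssl req -x509 -config "$cnf" -extensions v3_ca -newkey rsa:2048 -nodes \
        -days 365 -subj "/CN=constructed-rabbitmq-ca" \
        -keyout "$out/ca.key" -out "$out/ca.crt" 2>/dev/null || exit 1
    # Server key and CSR, then the CA signs the CSR with the server extensions.
    openssl req -new -config "$cnf" -newkey rsa:2048 -nodes \
        -keyout "$out/tls.key" -out "$out/tls.csr" 2>/dev/null || exit 1
    openssl x509 -req -in "$out/tls.csr" -CA "$out/ca.crt" -CAkey "$out/ca.key" \
        -CAcreateserial -days 365 -extfile "$cnf" -extensions v3_server \
        -out "$out/tls.crt" 2>/dev/null || exit 1
)

# check_rabbitmq_certs DIR: succeeds only if tls.crt chains to ca.crt and
# tls.key is the private key belonging to tls.crt.
check_rabbitmq_certs() {
    openssl verify -CAfile "$1/ca.crt" "$1/tls.crt" >/dev/null 2>&1 || return 1
    cert_pub=$(openssl x509 -in "$1/tls.crt" -noout -pubkey | openssl sha256) || return 1
    key_pub=$(openssl pkey -in "$1/tls.key" -pubout 2>/dev/null | openssl sha256) || return 1
    [ "$cert_pub" = "$key_pub" ]
}
```

Only ca.crt, tls.crt and tls.key go into the secret; ca.key and the other generated files stay outside the cluster.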

RabbitMQ can be configured from a definitions file: in the global values.yaml file, set loadDefinition.enabled: true and provide the Kubernetes secret name in exisitingSecret.

Helm chart source

Kafka

Apache Kafka

Helm chart source

Kafka Connect

We use Kafka Connect as a bridge between RabbitMQ and Kafka in order to ensure compatibility with LoRa Network Servers that support integration with MQTT endpoints but not Kafka. Configure the variables defined in values.yaml to match the configuration of your cluster in order for the bridge to work.

Flink

Apache Flink

Zookeeper

Apache Zookeeper

Helm chart source

Cassandra

Cassandra is a scalable, distributed database.

The database user and password can be specified in the global values.yaml file. Client-to-node encryption can be enabled by setting clientEncryption: true and providing, in tlsEncryptionSecretName, the name of the Kubernetes secret that contains the keystore, keystore password, truststore, and truststore password.

To create the secret in Kubernetes, update the paths to the keystore and truststore and run:

kubectl create secret generic cassandra-tls --from-file=keystore=./path-to-keystore \
--from-file=truststore=./path-to-truststore --from-literal=keystore-password=cassandra \
--from-literal=truststore-password=cassandra

In this example, the name of the secret is cassandra-tls.

Helm chart source

Redis

Redis

Prometheus

Prometheus

Grafana

Grafana

Provisioner

Helm chart source