diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/_category_.json deleted file mode 100644 index 46671c89..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Installation Guide (Old)", - "position": 3 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/introduction.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/introduction.md deleted file mode 100644 index c055b9f9..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/introduction.md +++ /dev/null @@ -1,61 +0,0 @@ ---- -sidebar_position: 1 -sidebar_label: Introduction ---- - -# SettleMint BTP - Installation Guide - -Welcome to the SettleMint Blockchain Transformation Platform (BTP) guide. This guide is designed to walk you through the core principles of our platform, outline what you'll need to get started, and guide you through the installation process. - -## Overview - -- [Introduction](#introduction) -- [Understand the installation process](#understand-the-installation-process) -- [Quick Start & Sandbox installations](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster/) -- [Prerequisites](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure/) - -- [Run the Installation](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) -- [Get Support](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/support-and-troubleshooting/) - -## Introduction - -SettleMint BTP is built to ensure unmatched flexibility through its "Bring Your Own Infrastructure" strategy. - -This strategy enables seamless integration of the blockchain transformation platform 'BTP' with your existing infrastructure, covering cloud services, databases, authentication providers, and storage solutions. - -It also provides numerous benefits, such as enabling you to specify the high availability and readiness of each component, customize your disaster recovery plan, and implement the platform on familiar, white-labeled components, among others. - - - -After finishing the installation, you will have access to a suite of services and tools designed to support you throughout your blockchain journey. To explore these tools in detail, we invite you to visit our [Developer Hub](/docs/about-settlemint/intro/). - -- **Public chains**: Polygon PoS, Polygon zkevm, Ethereum, Avalanche, Arbitrum, Optimism, Binance Smart Chain, Fantom, Hedera _(Internet access required)_ -- **Public chains**: Polygon PoS, Polygon zkevm, Ethereum, Avalanche, Arbitrum, Optimism, Fantom, Hedera _(Internet access required)_ -- **Private chains**: Hyperledger Besu, Quorum, Hyperledger Fabric -- **Block Explorers**: Otterscan for Public networks, Blockscout for permissioned -- **Storage**: IPFS, MinIO -- **Integration Tools**: Integration studio, Hasura -- **Integrated IDE**: Including smart contract sets -- **Smart contract Indexer**: The Graph Middleware - -It's essential to remember that preparing your infrastructure and necessary services is a [prerequisite](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure/). Once this foundation is established, you'll need to populate the helm charts values file, as detailed in the subsequent "Platform installation” section. - -## Understand the Installation Process - -The installation procedure encompasses a series of crucial steps, including acquiring a licence, setting up your environment, launching the platform, and adjusting settings after installation. - -### The Installation Process - -1. **Obtain a License:** Contact SettleMint at [support@settlemint.com](mailto:support@settlemint.com) to obtain a licence key. -2. **Registry Authentication:** Authenticate with our container registry using the credentials provided via email. -3. **Prepare Your Environment:** Set up your Kubernetes cluster, configure the domain, TLS, storage, and authentication provider (see prerequisites). -4. **Service Preparation:** Deploy and configure the required services (Redis, Postgres, Vault) as per your HA and configurability needs. -5. **Deploy the Platform:** Use Helm to add the SettleMint repository, update it, and install BTP v7 with your custom configurations. -6. **Enjoy the Platform 🥳:** Access and explore the functionalities of SettleMint BTP. - -Should you encounter any issues or have questions during any phase of the installation process, feel free to contact us at [support@settlemint.com](mailto:support@settlemint.com). Our team is ready to assist you. - -Next: - -- [Explore one of our sandbox installations](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster/) to get a hands-on feel for the platform -- [Proceed to the prerequisites page](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure/) to prepare for a full installation diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/_category_.json deleted file mode 100644 index 91ae1e96..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Legacy", - "position": 8 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/auth-api-requests.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/auth-api-requests.md deleted file mode 100644 index be61cdbf..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/auth-api-requests.md +++ /dev/null @@ -1,35 +0,0 @@ -# Authenticating API Requests on SettleMint On-Premise Platform - -Below is a step by step instruction guide on how to authenticate API requests on the SettleMint On-Premise platform using HTTP Basic Authentication. It addresses a specific issue related to the API endpoint authentication. The document aims to guide developers in understanding and implementing the authentication process for accessing the GraphQL server in the on-premise environment. - -## Overview: - -The SettleMint On-Premise platform utilizes HTTP Basic Authentication to authenticate API requests. This authentication method requires providing the appropriate credentials in the URL scheme. By following the instructions below, developers can successfully authenticate and access the GraphQL server in the on-premise environment. - -## Authentication Procedure: - -To authenticate API requests in the SettleMint On-Premise platform, follow these steps: - -1. Format the URL: - After the "https://" prefix, insert the username and password in the following format: **`username:password@`**. -2. Construct the API endpoint URL: - Append the formatted URL from step 1 with the domain and API path you want to access. For example use this format for the Graph middleware: - `"https://:@//"` -3. Perform the API request: - Use the constructed API endpoint URL from step 2 to make the API request using an HTTP client of your choice (e.g., cURL). Ensure the appropriate HTTP method is used based on the intended action (GET, POST, etc.). - -## Example Usage: - -To illustrate the authentication process, consider the following example: - -API Endpoint: **`https://middleware-c188:8a7f0abf64e6709f9adb@onprem-mertcanatan.settlemint.com/middleware/middleware-c188/subgraphs/name/erc20-b6ad`** - -In the above example, the username is **`middleware-c188`**, and the password is **`8a7f0abf64e6709f9adb`**. By including these credentials in the URL, the API request will be authenticated. - -## Important Note: - -Please note that the authentication process may differ between the SettleMint On-Premise (onprem) and Software-as-a-Service (SaaS) environments. Ensure you follow the appropriate authentication method based on the environment you are working with. - -## Conclusion: - -By following the provided instructions, developers can successfully authenticate API requests in the SettleMint On-Premise platform using HTTP Basic Authentication. This authentication method ensures secure access to the GraphQL server in the on-premise environment. For more details and comprehensive documentation, developers can refer to the Keycloak Authentication guide available in the SettleMint documentation portal. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/completing-setup-and-deploying.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/completing-setup-and-deploying.md deleted file mode 100644 index d9efa915..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/completing-setup-and-deploying.md +++ /dev/null @@ -1,79 +0,0 @@ -# Completing Setup - -Once the Admin Console and the base SettleMint Platform deployer have been installed either on an [airgapped cluster](./install-airgap/install-airgap.md) -or on a [cluster connected to the internet](./install-online/install-online.md) -, you can proceed to the next step of configuring and installing the SettleMint Platform. - -You can access the Admin Console to complete the SettleMint Platform setup, run preflight checks, and deploy. - -## Access the Admin Console and Deploy the Application - -- To complete the application setup and deploy, access the Admin Console on port 8800: - - - **Existing cluster**: If the port forward is active, go to [http://localhost:8800](http://localhost:8800/) to - access the admin console. - - If you need to reopen the port forward to the Admin Console, run the following command: - - ``` - kubectl kots admin-console -n APP_NAMESPACE - ``` - - Replace `APP_NAMESPACE` with the namespace on the cluster where you installed the application. - -- Log in to the admin console: - - - **Existing cluster**: Log in with the password that you created during installation. - - ![CleanShot 2022-10-01 at 13.01.15@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_13.01.152x.png) - -- Upload the license file [downloaded from Step 1](./download/download-portal.md) - - ![CleanShot 2022-10-01 at 13.01.29@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_13.01.292x.png) - -- Upload the `.airgap` Airgapped Bundle downloaded from Step 1 or press the install from the - internet link at the bottom if your cluster is connected to the internet. - - ![CleanShot 2022-10-01 at 13.01.52@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_13.01.522x.png) - -- If there are configurations specific to the application, complete the fields on the configuration screen then - click **Continue**. The required and optional configuration fields on this screen are used to build the final - deployable Kubernetes manifests for the application. - - ![CleanShot 2022-10-01 at 13.05.31@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_13.05.312x.png) - -- Complete the preflight checks. The admin console automatically runs preflight checks (conformance tests) against the - target namespace and cluster to ensure that the environment meets the minimum requirements to support the - application. - - ![CleanShot 2022-10-01 at 13.51.30@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_13.51.302x.png) - -- Check warnings and failures: - - - Resolve the warnings and failures, and click **Re-run** to run the preflight checks again. - - If there are no failures that prevent application deployment, you can choose to dismiss the preflight check - warnings to continue. - - If you are installing with minimal role-based access control (RBAC), the admin console recognizes if the preflight - checks failed due to insufficient privileges. - - When this occurs, a kubectl preflight command displays that lets you manually run the preflight checks. The results - are then automatically uploaded to the admin console. - -After preflight checks are complete, Replicated deploys the admin console and the application, and the admin console -dashboard opens: - -![CleanShot 2022-10-01 at 14.05.30@2x.png](/img/completing-setup-and-deploying/CleanShot_2022-10-01_at_14.05.302x.png) - -1. (Recommended) Change the admin console login password: - 1. Click the menu in the top right corner of the admin console, then click **Change password**. - 2. Enter a new password in the dialog, and click **Change Password** to save. - - - -2. Configure application and cluster monitoring. This allows you to view graphs on the admin - console dashboard with key metrics collected by Prometheus. - diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/_category_.json deleted file mode 100644 index 0ccdb64c..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Download", - "position": 10 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-airgap.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-airgap.md deleted file mode 100644 index 9a448978..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-airgap.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -sidebar_position: 3 ---- - -# Airgap Installation - -If you wish to install on an airgapped cluster, you will have to pre-download all the software to the machine that has -access to the cluster. - -From the SettleMint Download Portal, download the following files - -1. License file -2. KOTS CLI -3. KOTS Airgap Bundle -4. SettleMint Platform Airgapped Bundle - - Full Bundle or Small Bundle : If you choose the small bundle, set up separate pipeline to push images to your repository. - See [below](#understanding-the-structure) for a more detailed explanation. - -Continue with [Step 2](../install-airgap/install-airgap.md) - -## Understanding the Structure - -Apart from the license file, the installation requires 3 broad categories of software. - -1. The framework to install and update your application. It consists of the KOTS CLI and the KOTS admin bundle. -2. The images that make up the SettleMint Platform. They are the "heaviest" part of the bundle and make up more than 90% of the size. -3. The deployment scripts that apply the configuration you set in the framework to the images to tailor the SettleMint - Platform to work within your premises. - -The images and deployment scripts are part of the SettleMint Platform software and are typically delivered to you as -a **bundle** (called the SettleMint Platform bundle). - -The SettleMint Platform bundle can be received in 2 ways - -## Option 1 : Full Airgapped Bundle - -If you chose to receive the SettleMint Platform as a Full Airgapped Bundle : you will receive one large file containing -the images and deployments scripts. - -Everytime you wish to upgrade or update the SettleMint Platform, you will need to download the latest version of -SettleMint Platform Full Airgapped Bundle (all versions will be available to you from the admin console). - -You may also need to get newer versions of the framework software, but our license page will indicate if so. - -## Option 2 : Small Airgapped Bundle and Separate Pipeline for Images - -The other option is to download the SettleMint Platform as a Small Airgapped Bundle and choose to receive the images via a separate pipeline. - -In this case, a separate script will be delivered to your DevOps team to -download the specified versions of the images needed for the SettleMint Platform. Make sure that these images are in place -in your local repository so that they are accessible to the airgapped cluster. - -The SettleMint Platform Small Airgapped Bundle will be a much smaller file (10% of the Full Airgap Bundle) and -will consist only of the deployment scripts and minimal images required to facilitate the installation. - -Please note that with this option, upgrading to a another version of the SettleMint Platform will require: - -- the DevOps team to use the provided script to download the corresponding images and upload them to the local registry. -- a download of the Small Airgapped Bundle of the SettleMint Platform from the admin console. -- You may also need to get newer versions of the framework software, but our license page will indicate if so. - -Once you have downloaded all the files from the link shared with you, you can check that your setup meets the minimum -[requirements](../requirements.md) before continuing with the -[installation](../install-airgap/install-airgap.md). diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-online.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-online.md deleted file mode 100644 index 5d5c67ee..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-online.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -sidebar_position: 2 ---- - -# Online Installation - -To proceed with the online installation, you only need to download the license file from the download portal. - -Check that your setup meets the minimum [requirements](../requirements.md) -before proceeding with the [installation](../install-online/install-online.md). diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-portal.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-portal.md deleted file mode 100644 index a670af15..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/download/download-portal.md +++ /dev/null @@ -1,61 +0,0 @@ ---- -sidebar_position: 1 ---- - -# Download Portal - -Access the password-protected **SettleMint Download Portal** using the link your sales representative may have shared -with you. - -Once you are logged in, you will be able to download all the files you need to proceed with the installation of the SettleMint -Platform. It may look like this. - -![](/img/installing-on-an-existing-cluster/CleanShot_2022-10-01_at_16.52.342x.png) - -There are 3 options to set up the install. Depending on your license, you can choose one of these and proceed. - -1. [**Online installation**](./download-online.md) - - In an online installation, the cluster on which you propose to install the SettleMint Platform has internet access - and can fetch all the required files/images as required. In this case, you only need to download the license file to - proceed. - -2. [**Airgapped installation**](./download-airgap.md) - - In an airgapped installation, the cluster on which you propose to install the SettleMint Platform does not have - internet access. Hence **all the software** will need to be pre-downloaded to the machine that will have access to - the cluster. - - You will need to download the following - -- License file -- Installers - - [KOTS CLI](../install-airgap/install-kots.md) - - [KOTS admin console](../install-airgap/install-kotsadm.md) -- SettleMint Platform, comprising of - - Deployer image and scripts - - All the component images - -You have two further options for airgapped installs : a FULL bundle or a SMALL bundle. - -In both cases, the "Installers" software will have to be downloaded separately. - -- **Airgapped with Full bundles** - - The SettleMint Platform will be provided as a **FULL** airgapped bundle. This will entail downloading 1 big file (size - of the order of 10 GB) which includes the deployer and component images. - -- **Airgapped with Small bundles.** - - The **SMALL** airgapped bundle breaks down the bundle into a deployer bundle (size of the order of 100 MB), and - provides a script to push the component images required by the SettleMint Platform to your image repository for access - during the installation. The advantage here is two-fold: - - - First, you are not gated by a big download for each install. - - Second, platform upgrades require only updated deployer images and the specific upgraded images, not a fresh download of - the "FULL" bundle. - -Choose **one** of the options below and proceed. - -- [Online Environment](./download-online.md) -- [Airgapped Environment](./download-airgap.md) diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/_category_.json deleted file mode 100644 index 03270f84..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Airgap", - "position": 2 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-airgap.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-airgap.md deleted file mode 100644 index 45b3b2ef..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-airgap.md +++ /dev/null @@ -1,87 +0,0 @@ -# Install the SettleMint Platform in an Airgap Environment - -When installing the SettleMint Platform on a cluster without internet access, you will need to ensure that you have -followed the steps discribed in the [download section](../download/download-airgap.md) to download the required license and installation files. - -Airgapped install is only available for licenses that have the airgapped feature enabled. - -## Image Registry for Airgapped Installations - -To install an application into an airgapped cluster, you must have a docker image registry that is available inside the -network. - -The app manager rewrites the application image names in all application manifests to read from the on-prem registry, and -it retags and pushes the images to the on-prem registry. When authenticating to the registry, credentials with push -permissions are required. - -A single application expects to use a single “namespace” in the docker image registry. - -The namespace name can be any valid URL-safe string, supplied at installation time. Keep in mind that a registry -typically expects the namespace to exist before any images can be pushed into it. - -To install on an existing cluster that is airgapped, run the following from the machine that is connected to the -airgapped cluster. - -1. **Install the [KOTS CLI](./install-kots.md) plugin** - - ```bash - curl https://kots.io/install | bash - ``` - -Refer to [KOTS CLI](./install-kots.md) for more details on verifying the version of your KOTS plugin as well as for more -details on Open Shift command line linkages. 2. **Install the [Admin Console](./install-kotsadm.md)** - -3. **Install the SettleMint Platform application via the Admin Console** - - As explained in the [download section](../download/download-airgap.md), - there are 2 ways to proceed with your airgapped installations: Full or Small Bundles. In the case of **Small** - Bundle, there is an additional step to run the script to push the images to your local registry. You must run this step - **prior** to running the `kots install` command below. - - The [instructions to set up the images on your local registry are here](./installer-pull-images.md). - - Note that in the following commands, the SettleMint Platform application **SLUG** will be provided to you based on - the version that you are installing. - - General format: - - ```bash - kubectl kots install - ``` - - Airgapped Small bundle installation: - - ```bash - kubectl kots install settlemint-platform/stable-small-airgap - ``` - - - Use the command below to specify the private registry and other arguments - - When prompted by the `kots install` command: - 1. Provide the namespace where you want to deploy the application and the Admin Console. - 2. Create a new password for logging in to the Admin Console. - -**Example** - -```bash - kubectl kots install settlemint-platform/stable-small-airgap - --kotsadm-namespace settlemint-platform - --kotsadm-registry private.registry.host - --registry-username REGISTRY-USERNAME - --registry-password REGISTRY-PASSWORD - --wait-duration 20m - --ensure-rbac --strict-security-context --use-minimal-rbac - - Enter the namespace to deploy to: settlemint-platform - • Deploying Admin Console - • Creating namespace ✓ - • Waiting for datastore to be ready ✓ - Enter a new password to be used for the Admin Console: •••••••••• - • Waiting for Admin Console to be ready ✓ -``` - -After the `kots install` command installed the Admin Console and the application on the cluster, it creates a port -forward to the Admin Console. The Admin Console is exposed internally on the cluster and can only be accessed using a -port forward. - -Log in to the Admin Console to complete the application setup, run preflight checks, and deploy. -See [Completing Application Setup and Deploying](../completing-setup-and-deploying.md) diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kots.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kots.md deleted file mode 100644 index 6073e95e..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kots.md +++ /dev/null @@ -1,42 +0,0 @@ -# Install the KOTS CLI - -The [KOTS CLI](https://github.com/replicatedhq/kots) is a kubectl plugin that helps to configure and build dynamic -Kubernetes manifests. - -The Kots CLI also serves as the bootstrapper for the in-cluster Kubernetes application Admin -Console [kotsadm](./install-kotsadm.md) which can be used to automate the core Kots CLI tasks for managing -applications (license verification, configuration, updates, image renaming, version controlling changes, and deployment) -as well as additional KOTS tasks (running preflight checks and performing support bundle analysis). - -## Install KOTS CLI - -```bash - curl https://kots.io/install | bash -``` - -Confirm the installation was successful with either of the following commands - -```bash -$ kubectl kots version -Replicated KOTS 1.88.0 -``` - -```bash -$ oc kots version -Replicated KOTS 1.88.0 -``` - -The version needed for each SettleMint Platform will be specified in the Download Portal. - -See [here](https://github.com/replicatedhq/kots/releases) for all KOTS releases. - -To install KOTS manually - -1. Download the latest release for your operating system - from [here](https://github.com/replicatedhq/kots/releases/latest) - -2. Unpack the release. - -3. Rename the kots executable kubectl-kots ( or oc-kots) - -4. Copy the renamed kubectl-kots (or oc-kots) to anywhere on the PATH. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kotsadm.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kotsadm.md deleted file mode 100644 index 7dfe57f9..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/install-kotsadm.md +++ /dev/null @@ -1,44 +0,0 @@ -# Install the kotsadm Package - -The kotsadm package provides the admin console which facilitates the installation of the SettleMint Platform. - -In an airgapped environment, the kotsadm package needs to be downloaded and pushed to a private repository using -the `kubectl kots` command. Following this, the KOTS plugin will bootstrap the admin console to automate the -management of the application. - -See section "Image Registry" in [this doc](./install-airgap.md). This registry must be set up before installing the -kotsadm package. - -## Install the Admin Console - -1. Download the admin console binary bundle, `kotsadm.tar.gz` ([Downloads](../download/download-airgap.md)) - - - latest kotsadm release notes can be found [here](https://docs.replicated.com/release-notes/rn-app-manager) - -2. Run the following command to extract admin console container images and push them into - the [private registry created as part of the Airgapped Installation](./install-airgap.md): - - ``` - kubectl kots admin-console push-images ./kotsadm.tar.gz private.registry.host/settlemint-platform \ - --registry-username RW_USERNAME \ - --registry-password RW_PASSWORD - ``` - - Replace: - - `RW_USERNAME` with the username for an account that has read and write access to the private image registry. - - `RW_PASSWORD` with the password for the account with read and write access. - -3. Install the admin console using the images that you pushed in the previous step: - - ``` - kubectl kots install settlemint-platform \ - --wait-duration 20m \ - --ensure-rbac \ - --strict-security-context \ - --kotsadm-namespace settlemint-platform \ - --kotsadm-registry private.registry.host \ - --registry-username RO-USERNAME \ - --registry-password RO-PASSWORD - ``` - - Replace: - `RO_USERNAME` with the username for an account that has read-only access to the private image registry. - `RO_PASSWORD` with the password for the read-only account. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/installer-pull-images.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/installer-pull-images.md deleted file mode 100644 index 257b6e05..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-airgap/installer-pull-images.md +++ /dev/null @@ -1,18 +0,0 @@ -# Pull images to your local registry (Small Airgap) - -Follow these steps from the machine that is connected to your airgapped cluster. - -1. Install `crane` - - Instructions [here](https://github.com/google/go-containerregistry/tree/main/cmd/crane#installation) - -2. Ensure your image registry is setup. See the [Image Registry Section](./install-airgap.md). - -3. Run the provided script mentioned in the [download section](../download/download-airgap.md) to pull the images - from our repository and push them on your registry. - - ```bash - ./installer-pull-images.sh - ``` - - Please note, only use the FQDN of the image registry, the "https://"-prefix is not required. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/_category_.json deleted file mode 100644 index c2f1ac96..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Online", - "position": 1 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kots.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kots.md deleted file mode 100644 index 161b4eef..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kots.md +++ /dev/null @@ -1,42 +0,0 @@ -# Install the KOTS CLI - -The [KOTS CLI](https://github.com/replicatedhq/kots) is a kubectl plugin that helps to configure and build dynamic -Kubernetes manifests. - -The Kots CLI also serves as the bootstrapper for the in-cluster Kubernetes application Admin -Console [kotsadm](./install-kotsadm.md) which can be used to automate the core Kots CLI tasks for managing -applications (license verification, configuration, updates, image renaming, version controlling changes, and deployment) -as well as additional KOTS tasks (running preflight checks and performing support bundle analysis). - -## Install KOTS CLI - -```bash - curl https://kots.io/install | bash -``` - -Confirm the installation was successful with either one of the following commands: - -```bash -$ kubectl kots version -Replicated KOTS 1.88.0 -``` - -```bash -$ oc kots version -Replicated KOTS 1.88.0 -``` - -The version needed for each SettleMint Platform will be specified in the Download Portal. - -See [here](https://github.com/replicatedhq/kots/releases) for all KOTS releases. - -To install KOTS manually - -1. Download the latest release for your operating system - from [here](https://github.com/replicatedhq/kots/releases/latest) - -2. Unpack the release. - -3. Rename the kots executable kubectl-kots (or oc-kots) - -4. Copy the renamed kubectl-kots (or oc-kots) to anywhere on the PATH. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kotsadm.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kotsadm.md deleted file mode 100644 index 8052c36f..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-kotsadm.md +++ /dev/null @@ -1,14 +0,0 @@ -# Install the kotsadm Package - -The kotsadm package provides the admin console which facilitates the installation of the SettleMint Platform on your cluster. - -## Install the admin Console - -1. Install the admin console: - - ```bash - kubectl kots install settlemint-platform \ - --wait-duration 20m \ - --ensure-rbac \ - --strict-security-context - ``` diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-online.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-online.md deleted file mode 100644 index eef41363..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/install-online/install-online.md +++ /dev/null @@ -1,82 +0,0 @@ -# Install the SettleMint Platform in an Online Environment - -You can install the SettleMint Platform on an existing Kubernetes cluster that contains nodes that can access the -internet. - -During an online installation, the installer pulls container images from the upstream registries directly. - -To install on an existing cluster in an online environment, run the following commands from the machine that has access to the -cluster. - -1. **Install the KOTS CLI plugin**: - - ```bash - curl https://kots.io/install | bash - ``` - - Refer to [KOTS CLI](./install-kots.md) for more details on verifying the version of your KOTS plugin as well as for more - details on Open Shift command line linkages. - -2. **Install the admin console and the SettleMint Platform on the cluster** - -The command that installs the admin console and the SettleMint Platform on the cluster has the following syntax: - -```bash - kubectl kots install -``` - -Note in the following commands that the SettleMint Platform application **SLUG** will be provided to you. - -For the online installation the application **SLUG** is just **settlemint-platform**: - -```bash - kubectl kots install settlemint-platform -``` - -- **Install the latest version of the SettleMint Platform**: - - If you want to install the latest version, you can run the following command in a terminal: - - ```bash - kubectl kots install settlemint-platform --wait-duration 20m --ensure-rbac --strict-security-context - ``` - -- **Install a specific version of the SettleMint Platform**: - - With the admin console v1.67.0 and later, you can install a - specific version of the SettleMint Platfrom. - - - Use the `app-version-label` argument and the version label for a particular - version of your vendor's application. - - ```bash - kubectl kots install settlemint-platform --wait-duration 20m --ensure-rbac --strict-security-context --app-version-label=VERSION_LABEL - ``` - - Replace: - - - `VERSION_LABEL` with the label for the version of the application to install. For - example, `--app-version-label=3.0.1`. - - - When prompted by the `kots install` command: 1. Provide the namespace where you want to deploy the application and the admin console. 2. Create a new password for logging in to the admin console. - -- **Example**: - - ```bash - $ kubectl kots install settlemint-platform - Enter the namespace to deploy to: settlemint-demo - • Deploying Admin Console - • Creating namespace ✓ - • Waiting for datastore to be ready ✓ - Enter a new password to be used for the Admin Console: •••••••• - • Waiting for Admin Console to be ready ✓ - • Press Ctrl+C to exit - • Go to http://localhost:8800 to access the Admin Console - ``` - -After the `kots install` command installed the admin console and the application on the cluster, it creates a port -forward to the admin console. The admin console is exposed internally on the cluster and can only be accessed using a -port forward. - -Log in to the admin console to complete the application setup, run preflight checks, and deploy. -See [Completing Application Setup and Deploying](../completing-setup-and-deploying.md). diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/overallResourceAllocation.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/overallResourceAllocation.md deleted file mode 100644 index b6ae3daa..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/overallResourceAllocation.md +++ /dev/null @@ -1,31 +0,0 @@ -# Overall Resource Allocation - -## Platform Resource Requirements - -- Total Minimum CPU: 3 cores -- Total Recommended CPU: 16.15 cores -- Total Minimum Memory: 8 GiB -- Total Recommended Memory: 30.5 GiB - -Please note that these requirements are specifically for the core components of the SettleMint platform and assume the deployment of one instance of each service, including ipfs, integration-studio, middleware, besu, firefly, and ide. - -For detailed resource requirements for each image, you can refer to the [Default resource requirements -](https://console.settlemint.com/documentation/docs/reference/resources/), where you will find a breakdown of the requirements for each image. - -## Consideration for Multiple Besu Nodes - -To ensure network stability and fault tolerance, it is recommended to deploy a minimum of 4 besu nodes for the blockchain component. Adjusting the resource requirements accordingly, here are the adjusted requirements for 4 besu nodes: - -- Total Minimum CPU (including 4 besu nodes): 3.4 cores -- Total Recommended CPU (including 4 besu nodes): 17.35 cores -- Total Minimum Memory (including 4 besu nodes): 11.896 GiB -- Total Recommended Memory (including 4 besu nodes): 50.98 GiB - -## Overhead Consideration - -To account for any additional resource needs and ensure smooth performance, it is recommended to allocate a certain overhead. While the exact overhead percentage may vary based on your specific deployment and usage patterns, a commonly suggested starting point is around **20%**. You can adjust this value over time based on your monitoring and performance analysis. - -Please refer to the [Default resource requirements -](https://console.settlemint.com/documentation/docs/reference/resources/) for more detailed information on the resource requirements for each image. - ---- diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/requirements.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/requirements.md deleted file mode 100644 index 07fc7b9f..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/legacy/requirements.md +++ /dev/null @@ -1,83 +0,0 @@ ---- -sidebar_position: 9 ---- - -# Installation Requirements - -This topic describes the requirements for installing the SettleMint Platform. - -## Supported Browsers - -The following table lists the browser requirements for the latest admin console. - -| Browser | Support | -| ----------------- | ----------- | -| Chrome | 66+ | -| Firefox | 58+ | -| Opera | 53+ | -| Edge | 80+ | -| Safari | 13+ | -| Internet Explorer | Unsupported | - -## Kubernetes Version Compatibility - -Each release of the SettleMint Platform maintains compatibility with the current Kubernetes and OpenShift version, and -the two most recent versions at the time of its release. This includes support against all patch releases of the -corresponding Kubernetes version. - -| KOTS Versions | Kubernetes Compatibility | OpenShift Compatibility | -| --------------- | ------------------------ | ----------------------- | -| v1.78 and later | v1.26 and later | v4.8 or later | - -## Minimum System Requirements - -This section describes the minimum system requirements for installing the admin console on an existing -cluster or on an embedded cluster created by the Kubernetes installer. - -### Existing Cluster Requirements - -To install the admin console on an existing cluster, the cluster must meet the following requirements: - -- **Admin console minimum requirements**: The admin console requires a minimum of 5 GB of disk space on the cluster. This - includes 4 GB for the object store PersistentVolume and 1 GB for the PostgreSQL PersistentVolume. - - **LimitRanges**: The admin console pod requests 50m CPU resources and 50 Mi memory. Existing clusters that have - LimitRanges specified must support these values. -- **Kubernetes version compatibility**: The version of Kubernetes running on the cluster must be compatible with the - version of the platform. - - For more information about the versions of Kubernetes that are compatible with each version, see [Kubernetes Version - Compatibility](#kubernetes-version-compatibility) above. - -- **OpenShift version compatibility**: For Red Hat OpenShift clusters, the version of OpenShift must use a supported - Kubernetes version. For more information about supported OpenShift versions, see [Kubernetes Version - Compatibility](#kubernetes-version-compatibility) above. -- **Storage class**: The cluster must have a default storage class available. To enable volume scaling VolumeExpansion - needs to be enabled. For more information, - see [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) in the Kubernetes documentation. -- **Role-based access control (RBAC)**: SettleMint requires the following RBAC permissions on the cluster: - - - An existing namespace and an RBAC binding that permits the user of the kubectl command-line tool to create - workloads. - - cluster-admin permissions to create namespaces and assign RBAC roles across the cluster. - - If your environment does not allow you to create cluster level objects, add the `--use-minimal-rbac` flag to - the `kots install` command. - -### Kubernetes Installer Cluster Requirements - -To install the admin console on an embedded cluster created by the Kubernetes installer, your environment -must meet the following requirements: - -- 4 CPUs or equivalent per machine. -- 8 GB of RAM per machine. -- 40 GB of disk space per machine. -- TCP ports 2379, 2380, 6443, 6783, 10250, 10251, and 10252 open between cluster nodes. -- UDP ports 6783 and 6784 open between cluster nodes. -- The Kubernetes installer is based on the open source kURL project. You must meet the additional requirements of the - kURL project to use the Kubernetes installer. - See [System Requirements](https://kurl.sh/docs/install-with-kurl/system-requirements) in the kURL open source - documentation. -- Root access is required. - -Once all requirements are checked off, please proceed to [Step 2 - Airgap](./install-airgap/install-airgap.md) if you wish to install -on an airgapped cluster or [Step 2 - Online](./install-online/install-online.md) for the online installation. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure.md deleted file mode 100644 index 3a334078..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure.md +++ /dev/null @@ -1,462 +0,0 @@ ---- -sidebar_position: 2 -sidebar_label: 'Infrastructure' ---- - -Before starting the installation, ensure your environment meets the following requirements: - -# Infrastructure - - -The following components are a prerequisite to run BTP successfully. Collect the values here to use them later in the [helm chart values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/). - -At this stage, we highly recommend taking a moment to explore our quick start examples, if you haven't already. This will give you a valuable overview of the different components involved. - -## Configure the Kubeconfig - -This step involves obtaining and setting up the kubeconfig file to access the Kubernetes cluster. Depending on the provider, you may need to download it or obtain it using provider-specific commands. After obtaining the kubeconfig, ensure it's correctly merged if necessary and verify that the correct cluster is set as active. - -### Examples - -- For Google Cloud (GKE), use `gcloud container clusters get-credentials`. -- For CIVO Cloud, download it from the dashboard and merge it into your local kubeconfig. -- For Digital Ocean, utilize `doctl kubernetes cluster kubeconfig save`. - -## Helm 3 and Pre-flight Checks - -Make sure you have Helm v3 installed. Installation instructions can be found on [https://helm.sh/docs/intro/install/](https://helm.sh/docs/intro/install/). - -After you have Helm 3 set up, install and run the preflight checks plugin: - -``` -curl https://krew.sh/preflight | bash -helm template oci://registry.settlemint.com/settlemint-platform/settlemint --version x.x.x | kubectl preflight - -``` - -## Ingress Controller - -For the successful operation of the SettleMint Blockchain Transformation Platform (BTP), it's essential that your Kubernetes cluster is outfitted with an Ingress Controller. This key component plays a vital role in directing external traffic towards BTP services in an effective and secure manner. Ensure that your Kubernetes cluster incorporates an Ingress Controller capable of routing traffic to the BTP. If you're in need of one, the Ingress-Nginx Controller comes highly recommended for its reliability and security, making it an excellent choice for BTP. For more information, please visit: [https://kubernetes.github.io/ingress-nginx/](https://kubernetes.github.io/ingress-nginx/). If opting for Ingress-Nginx, we provide a straightforward option to link BTP with it. For users of other ingress solutions, such as the OpenShift Router, you will need to manually create an equivalent ingress configuration. Remember to substitute all instances of `settlemint.local` with the hostname of your choice. - -### A typical set of parameters you should collect: - -- `hostname`: the hostname on which BTP will be available. This domain name needs to be routed to the public IP address of the ingress controller service. - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - - -```yaml -ingress: - enabled: true - className: nginx - host: "" - annotations: - cert-manager.io/cluster-issuer: "letsencrypt" - nginx.ingress.kubernetes.io/ssl-redirect: "false" - tls: - - secretName: "blockchaintransformationplatform" - hosts: - - "" - - "*." -``` - -## OAuth2 Provider - -The OAuth2 providers we support include Google, GitHub, Auth0, and Keycloak. If you require integration with other systems, such as LDAP, we recommend utilizing Keycloak. Keycloak allows for the configuration of LDAP settings and supports straightforward username/password accounts. - -### A typical set of parameters you should collect: - -- `clientID`: This is the OAuth Client ID specified by your provider. -- `clientSecret`: This refers to the OAuth Client Secret provided by your provider. -- `issuerURL`: This is the URL of the provider that will be utilized to verify the JWT token. - -The following is a list of available providers and the values they accept: - - -```yaml -google: - enabled: false - clientID: "" - clientSecret: "" -github: - enabled: false - clientID: "" - clientSecret: "" -auth0: - enabled: false - clientID: "" - clientSecret: "" - issuerURL: "" -keycloak: - enabled: false - clientID: "" - clientSecret: "" - issuerURL: "" -``` - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - -```yaml -auth: - jwtSigningKey: "" - providers: - enabled: true - clientID: "" - clientSecret: "" -``` - -## Redis - -A Redis server is essential for offering session storage for the job queues utilized in the BTP. - -If you don't have one, you have two options: install it yourself, for instance, by following the instructions at [https://github.com/bitnami/charts/tree/main/bitnami/redis](https://github.com/bitnami/charts/tree/main/bitnami/redis), or opt for a managed service such as https://redis.com/cloud/overview. - -A typical set of parameters you should collect: - -- host: the hostname of the redis server -- port: the port of the redis server -- password: the password of the redis server - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - -```yaml - redis: - host: redis-master.redis.svc.cluster.local - password: supersecretredispassword - ``` - - ## Postgres - -A PostgreSQL server is necessary for hosting the database required by the BTP. - -If you don't currently have a PostgreSQL server, you can set it up yourself by following the guide at [https://github.com/bitnami/charts/tree/main/bitnami/postgresql](https://github.com/bitnami/charts/tree/main/bitnami/postgresql), or you can choose a managed service such as [https://neon.tech/](https://neon.tech/) or [https://aws.amazon.com/rds/postgresql/](https://aws.amazon.com/rds/postgresql/). - -### A typical set of parameters you should collect: - -- `host`: the hostname of the PostgreSQL server -- `port`: the port of the PostgreSQL server -- `username`: the username of the PostgreSQL server -- `password`: the password of the PostgreSQL server -- `database`: the database name of the PostgreSQL server - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - - -```yaml -postgresql: - host: postgresql.postgresql.svc.cluster.local - user: mypsqlusername - password: mysupersecretpsqlpassword - database: mypsqldbname -``` - -## Storage - -The BTP platform requires a solution that supports both horizontal scaling and access to state files. For this purpose, an S3-compatible API is essential. In environments with internet access, using a bucket in AWS S3 is advised. For operations in air-gapped environments or those preferring to host data within their own data center, MinIO is a suitable alternative. - -The state information is always encrypted. By default, encryption is performed using a key that you provide. Alternatively, you can opt to use an AWS KMS key ARN for encryption through AWS KMS. - -### A typical set of parameters you should collect: - -- S3 connection URL: - - For MinIO: `s3://?region=eu-central-1&endpoint=:9000&disableSSL=true&s3ForcePathStyle=true` - - For AWS S3: `s3://?region=eu-central-1` -- `accessKeyId`: This is the access key for the specified bucket. -- `secretAccessKey`: This is the secret access key for the specified bucket. - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - -```yaml -state: - s3ConnectionUrl: "s3://myminiobucket?region=eu-central-1&endpoint=minio.minio.svc.cluster.local:9000&disableSSL=true&s3ForcePathStyle=true" -``` - -## Vault Service - -For the BTP, all private key material can be securely stored in Hashicorp Vault. You are required to supply a configured Vault instance, which can be set up on-premise, in your private cloud, or you can utilize the Hashicorp Cloud service. -To accommodate this setup, you must create three kv2 secret engines, each designated for a specific path: - - `ethereum` - - `ipfs` - - `fabric` - -Additionally, an AppRole is necessary to facilitate access to these secrets. - -### A typical set of parameters you should collect: - -- `address`: the address to your vault, in Hashicorp Vault this will look like "https://my-vault.hashicorp.cloud:8200" -- `namespace`: if you are using an enterprise vault, you will have a namespace. Leave this empty if not used -- `roleId`: the roleId of the AppRole -- `secretId`: the secretId of the AppRole - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - -```yaml -vault: - address: http://vault.vault.svc.cluster.local:8200 - roleId: "" - secretId: "" -``` - -## Observability - -The observability suite within the BTP leverages VictoriaMetrics for metrics, Grafana Loki for logging, Grafana tempo for traces, Grafana for dashboards. - -This observability suite is optional and can be activated as described below. - -### A typical set of parameters you should collect: - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - - -```yaml -features: - observability: - enabled: true - metrics: - enabled: true - logs: - enabled: true - traces: - enabled: true - collector: "http://tempo:4318/v1/traces". # internal k8s address of tempo service -observability: - metrics-server: - # -- Most cloud providers have a metrics server already installed, so we don't need to install it. EKS does not - enabled: false - kube-state-metrics: - enabled: true - victoria-metrics-single: - enabled: true - basicAuth: "somepassword" # password in htpasswd format, use htpasswd utility to geenrate it - ingress: - enabled: true - annotations: - kubernetes.io/ingress.class: settlemint-nginx - hosts: - - name: "metrics.console.settlemint.local" - path: / - port: http - ingressClassName: settlemint-nginx - loki: - enabled: true - basicAuth: "somepassword" # password in htpasswd format, use htpasswd utility to geenrate it - gateway: - ingress: - enabled: true - ingressClassName: settlemint-nginx - hosts: - - host: "logs.console.settlemint.local" - paths: - - path: / - pathType: Prefix - singleBinary: - persistence: - size: 100Gi - alloy: - enabled: true - endpoints: - external: - prometheus: - enabled: false - url: "" - loki: - enabled: false - url: "" - otel: - enabled: false - url: "" - grafana: - enabled: true - auth: - username: username - password: password - ingress: - enabled: true - ingressClassName: settlemint-nginx - hosts: - - grafana.console.settlemint.local - grafana.ini: - server: - root_url: https://grafana.console.settlemint.local - tempo: - enabled: true -``` - -## SMTP Server - -An SMTP server is required to send emails, such as invitation emails, from the BTP platform. - -### A typical set of parameters you should collect: - -- `host`: the hostname of the SMTP server -- `port`: the port of the SMTP server -- `username`: the username for the SMTP server -- `password`: the password for the SMTP server -- `fromAddress`: the email address that will appear in the 'from' field of the emails sent by the BTP platform - -[In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - -```yaml -internal: - email: - enabled: true - from: "fromAddress" - server: "smtps://username:password@host:port" -``` - -## Kubernetes Target Clusters - -To deploy your blockchain nodes and additional services with the SettleMint Blockchain Transformation Platform (BTP), it's crucial to correctly set up your Kubernetes clusters. Here is a refined explanation that captures all the essential details: - -### 1. Choosing Your Deployment Environment - -BTP can be deployed within a single cluster or across multiple external clusters. Your choice will determine the specific preparations required. - -### 2. Preparing External Clusters - -For external clusters, `kubeconfig` files are necessary. These files must be independent of any cloud provider's specific tools, ensuring compatibility across different environments. -Each external cluster must have the BTP-specific Ingress Controller installed. Achieve this by using our Helm charts values file, making sure to disable any features not needed for your deployment. - -### 3. Namespace Configuration for Deployment - -You have the option to deploy services in separate namespaces for each service or within a single pre-configured namespace. The approach you choose can vary depending on the cluster's organization and your preferences. - -### 4. Setting Up Domain Names for Service Access - -Access to services is facilitated through domain names. The setup can involve: - -- Wildcard DNS - - entries for each cluster, ensuring they include TLS termination to secure the domain. -- Path-based routing as an alternative method, depending on the cluster's setup and requirements. - -Before deploying, please verify that your provided cluster includes an Ingress controller configured to handle routing. Our deployment process assumes and relies on the presence of an Ingress controller for seamless operation. We offer a straightforward "Ingress" object designed specifically for nginx-ingress, which can be easily adjusted to align with your preferred Ingress controller. - -### 5. Enabling Inter-Cluster Connectivity - -Should your deployment strategy require connectivity between different clusters (for instance, to interlink blockchain networks), BTP needs the capability to manage new load balancers and link them with appropriate domain names. - -To facilitate this, activate **p2pLoadBalancers** and configure DNS name management automatically via Cloudflare credentials. This setup is crucial for maintaining seamless communication and interoperability across your infrastructure. - -In addition, the 'mixedLoadBalancers' option facilitates the creation of TCP/UDP load balancers on the same port, which is essential for enabling discovery mechanisms. - - - [In your values file](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/run-the-Installation/) - - -```yaml -targets: - - id: gke - name: "Google Cloud" - icon: google - clusters: - - id: sandbox - name: "Sandbox Demo" - icon: belgium - location: - lat: 50.8505 - lon: 4.3488 - connection: - sameCluster: - enabled: true - namespace: - single: - name: deployments - domains: - service: - tls: true - hostname: "sandbox-saeed.blockchaintransformationplatform.com" - storage: - storageClass: "standard-rwo" - ingress: - ingressClass: "settlemint-nginx" - capabilities: - mixedLoadBalancers: false -``` -Once your values file is prepared, you're all set to proceed with the installation! - -### 6. Network Policies enforcement on the target clusters - -The BTP platform applies NetworkPolicies for CustomDeployment services to restrict access to services to other namespaces. However, not all cloud providers enforce NetworkPolicies by default on their Kubernetes clusters. We strongly recommend enabling NetworkPolicy enforcement on your Kubernetes cluster before creating it. - -Here's how to enable NetworkPolicy enforcement on different cloud providers: - -#### Google Kubernetes Engine (GKE) -When creating a new cluster or updating an existing one: - -```bash -gcloud container clusters create/update CLUSTER_NAME \ - --enable-network-policy -``` - -or enable `Dataplane V2`, which enforce NetworkPolicies. - -```bash -gcloud container clusters update CLUSTER_NAME \ - --enable-dataplane-v2 -``` - -#### Amazon Elastic Kubernetes Service (EKS) -New EKS clusters will have NetworkPolicy enforcement enabled by default. - -If you have an existing cluster without NetworkPolicy enforcement enabled, you can update it by setting the following configuration for EKS CNI plugin: - -```bash -aws eks update-addon --cluster-name YOUR_CLUSTER_NAME --addon-name vpc-cni --addon-version ADDON_VERSION --configuration-values '{"enableNetworkPolicy":"true"}' -``` - -#### Azure Kubernetes Service (AKS) -When creating a new cluster: - -```bash -az aks create --resource-group myResourceGroup --name myAKSCluster --network-policy calico -``` - -To update an existing cluster: - -```bash -az aks update --resource-group myResourceGroup --name myAKSCluster --network-policy calico -``` - -By enforcing NetworkPolicies, you enhance the security of your BTP deployment by controlling traffic flow between pods and namespaces. - -NetworkPolicies look like this: - -```yaml -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: combined-restrict-internal-allow-external - namespace: $namespace -spec: - podSelector: {} - policyTypes: - - Egress - egress: - # 1. Allow DNS resolution (covers GKE, AKS, and EKS) - - to: - - ipBlock: - cidr: 10.0.0.0/8 # For the GKE cluster - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: kube-system - podSelector: - matchLabels: - k8s-app: kube-dns - ports: - - protocol: UDP - port: 53 - - protocol: TCP - port: 53 - # 2. Allow traffic within the same namespace (curl) - - to: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: $namespace - # 3. Allow traffic to all external IPs but block internal IP ranges - - to: - - ipBlock: - cidr: 0.0.0.0/0 - except: - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 -``` \ No newline at end of file diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/_category_.json deleted file mode 100644 index f45d3ea4..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Prerequisites", - "position": 4 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/choosing-a-partner.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/choosing-a-partner.md deleted file mode 100644 index 3f107078..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/choosing-a-partner.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -sidebar_position: 1 -sidebar_label: 'Choosing the Right Support' ---- - -# Choosing the Right Support: Partnering for Succes - -A thorough understanding of Kubernetes concepts, architecture, and operation is essential. This knowledge is crucial for the effective deployment and management of services within your clusters. Additionally, familiarity with Helm, including chart management and customization, will enable you to leverage its capabilities fully for deploying and maintaining applications on Kubernetes. - -Should your team lack the in-house expertise required for managing and maintaining these deployments, we strongly recommend collaboration with one of our certified partners. They are equipped to assist and guide you every step of the way. - -Additionally, we have a team of blockchain technology experts ready to support you with any questions or challenges you might encounter. - -For assistance, please contact us at support@settlemint.com. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/_category_.json b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/_category_.json deleted file mode 100644 index 453742ef..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/_category_.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "label": "Quick Start Examples & Sandbox Installations ", - "position": 3 -} diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-gcp-terraform.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-gcp-terraform.md deleted file mode 100644 index 5e2c6e1e..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-gcp-terraform.md +++ /dev/null @@ -1,187 +0,0 @@ ---- -sidebar_position: 1 -sidebar_label: 'Sandbox Installation: BTP on Google Cloud Platform with Terraform' ---- - -# BTP on Google Cloud Platform - -## **For DEMO purposes only.** -*This is not production ready solution. We run all components locally and not in HA mode. For production, we suggest running PostgreSQL, Redis, and Vault outside of the cluster.* - -This repository contains the code for the tutorial BTP on GCP. - -
- -
- -## Prerequisites - -### Hashicorp Terraform - -For the infrastructure setup, you need to have [Terraform](https://developer.hashicorp.com/terraform/tutorials/gcp-get-started/install-cli) installed. Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions. - -```sh -brew tap hashicorp/tap -brew install hashicorp/tap/terraform -``` - -### Google Cloud Platform - -The Google Cloud Platform (GCP) is a set of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, YouTube, Google Maps, and so on. You will need a Google Cloud Platform account, if you do not have a GCP account, [create one now](https://console.cloud.google.com/freetrial/). Create a new project to be used for the tutorial. - -You will also need the gcloud command line tool, which you can [install](https://cloud.google.com/sdk/docs/install) and authenticate with by running the following command: - -```sh -brew cask install google-cloud-sdk -gcloud auth application-default login -``` - -You will need to enable several API for your project. - -- container.googleapis.com:`` https://console.developers.google.com/apis/api/container.googleapis.com/overview?project=`` -- cloudkms.googleapis.com (KMS) API: ``https://console.developers.google.com/apis/api/container.googleapis.com/overview?project=``` - -Your GCP IAM user should have permission to manage GKE clusters, CloudDNS zones, KMS keys and IAM permissions. Suggest to run it with `Owner` permission. If you cannot grant your GCP user `Owner` permissions, grant following: -- Editor -- Cloud KMS Admin -- Project IAM Admin -- Kubernetes Engine Admin -- Service Account Admin - -### SettleMint Blockchain Transformation Platform credentials - -From your Customer Success contact, you will get login credentials for the SettleMint OCI registry hosting the Helm chart and docker images. We will also need the version to be installed. - -### OAuth2 Provider Setup - -We will use Google login to login to BTP platform. - -Browse https://console.cloud.google.com/apis/credentials/consent and press `CONFIGURE CONSENT SCREEN`. Choose`External` and press create. - -Fill all fields: -`App name` - staging -`User support email` - your email -`Developer contact information` - your email - -Browse to https://console.developers.google.com/apis/credentials and on the top use + CREATE CREDENTIALS, choose `OAuth client ID` and then as type Web application. - -In Authorised JavaScript origins add the domain name you will use to access BTP platform, for example example https://btp.settlemint.com. In Authorised redirect URIs use https://btp.settlemint.com/api/auth/callback/google. - -You will get a Client ID and Client secret at the end of this process, note them down for later. - -## Terraform setup - -Below you will find instruction how to setup BTP platform on GCP with terraform code. It consist 2 steps and manual step, as we need to preconfigure public DNS zone to access BTP platform. - -clone the following github repository: -```sh -git clone git@github.com:settlemint/tutorial-btp-on-gcp.git -``` - -Export following env variables before execute terraform code: -```sh -export TF_VAR_gcp_dns_zone=`YOUR_DNS_ZONE` # DNS zone(subdomain) you are using to access the btp platform, eg btp.settlemint.com -export TF_VAR_gcp_project_id=`YOUR_GCP_PROJECT_ID` # gcp project id where you setup BTP platform -export TF_VAR_gcp_region=`YOUR_GCP_REGION` # where cluster will deploy -export TF_VAR_gcp_client_id=`YOUR_GCP_CLIENT_ID` # from OAuth2 Provider Setup step -export TF_VAR_gcp_client_secret=`YOUR_GCP_CLIENT_SECRET` # from OAuth2 Provider Setup step -export TF_VAR_oci_registry_username=`YOUR_REGISTRY_USERNAME` # provided by Customer Success Team -export TF_VAR_oci_registry_password=`YOUR_REGISTRY_PASSWORD` # provided by Customer Success Team -export TF_VAR_btp_version=`BTP_VERSION` # provided by Customer Success Team - -``` - -### Setting up the DNS zone. - -Step 1: Create the DNS Zone in Google Cloud DNS - -1. Navigate to the `00_dns_zone` folder: -This folder contains the Terraform code to create the DNS zone on Google Cloud DNS. - -2. Run Terraform to create the DNS zone: -Execute the following commands to initialize Terraform and apply the configuration: - -```sh -terraform init -terraform apply -``` - -It will create GCP Cloud DNS with zone from `TF_VAR_gcp_dns_zone` env variable. - -3. Retrieve the nameservers: -After applying the Terraform configuration, note down the nameservers from the output. These nameservers will be used to delegate the subdomain. - -Step 2: Delegate the Subdomain in Your Domain Registrar (Cloudflare as an example) - -1. Log in to your domain registrar (e.g., Cloudflare): -Access the DNS settings for your top-level domain (e.g., settlemint.com). -2. Add NS records for the subdomain: -Use the nameservers retrieved from the Terraform output to delegate the subdomain to Google Cloud DNS. For example, if the subdomain is btp.settlemint.com, add the following NS records: - • Type: NS - • Name: btp (or btp.settlemint.com) - • Content: ns-cloud-a1.googledomains.com - • TTL: Auto -Repeat this for each nameserver provided by Google Cloud DNS (ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, etc.). - -To check if a domain or subdomain is correctly delegated to the specified nameservers use following command: -```sh -dig NS btp.settlemint.com -``` - -Example of the output: -``` -> dig NS btp.settlemint.com - -; <<>> DiG 9.10.6 <<>> NS btp.settlemint.com -;; global options: +cmd -;; Got answer: -;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57022 -;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 9 - -;; OPT PSEUDOSECTION: -; EDNS: version: 0, flags:; udp: 1232 -;; QUESTION SECTION: -;btp.settlemint.com. IN NS - -;; ANSWER SECTION: -btp.settlemint.com. 300 IN NS ns-cloud-a4.googledomains.com. -btp.settlemint.com. 300 IN NS ns-cloud-a1.googledomains.com. -btp.settlemint.com. 300 IN NS ns-cloud-a2.googledomains.com. -btp.settlemint.com. 300 IN NS ns-cloud-a3.googledomains.com. - -;; ADDITIONAL SECTION: -ns-cloud-a1.googledomains.com. 102654 IN A 216.239.32.106 -ns-cloud-a2.googledomains.com. 102417 IN A 216.239.34.106 -ns-cloud-a3.googledomains.com. 102278 IN A 216.239.36.106 -ns-cloud-a4.googledomains.com. 102507 IN A 216.239.38.106 -ns-cloud-a1.googledomains.com. 102654 IN AAAA 2001:4860:4802:32::6a -ns-cloud-a2.googledomains.com. 102417 IN AAAA 2001:4860:4802:34::6a -ns-cloud-a3.googledomains.com. 102278 IN AAAA 2001:4860:4802:36::6a -ns-cloud-a4.googledomains.com. 102507 IN AAAA 2001:4860:4802:38::6a - -;; Query time: 58 msec -;; SERVER: 10.123.50.1#53(10.123.50.1) -;; WHEN: Mon Jul 01 11:30:57 EEST 2024 -;; MSG SIZE rcvd: 344 -``` - -After the domain is delegated, you can create underlying infrastructure. - -### Setting up the infrastructure. - -In the `01_infrastructure` folder, run the following terraform command to create BTP infrastructure: -```sh -terraform init -terraform apply -``` - -It will create BTP platform on top of GCP cloud. - -### Destroy the infrastructure. - -To destroy infrastructure, run following command: -```sh -terraform destroy -``` - -If it's fail, try to run it second time. diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster.md deleted file mode 100644 index 383debf7..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster.md +++ /dev/null @@ -1,626 +0,0 @@ ---- -sidebar_position: 1 -sidebar_label: 'Sandbox Installation: All Prerequisites in the Cluster' ---- -# SettleMint Platform Sandbox Installation Guide (all prerequisites installed in the cluster) - -This sandbox installation guide provides the steps for setting up and installing the SettleMint Blockchain Transformation Platform on a managed Kubernetes cluster. The guide assumes a prior understanding of Kubernetes, Helm, Google Kubernetes Engine (GKE), and other relevant technologies. - -**NOTE:** Sandbox installations are not designed or suitable for production use and cannot be upgraded to a production-ready state. Use this sandbox setup at your own risk. - -## Contents - -- [SettleMint Platform Sandbox Installation Guide (all prerequisites installed in the cluster)](#settlemint-platform-trial-installation-guide-all-prerequisites-installed-in-the-cluster) - - [Contents](#contents) - - [Requirements](#requirements) - - [Managed Kubernetes Cluster Setup](#managed-kubernetes-cluster-setup) - - [Establish a Cluster](#establish-a-cluster) - - [Configure the Kubeconfig](#configure-the-kubeconfig) - - [Helm Setup](#helm-setup) - - [Prerequisites Installation](#prerequisites-installation) - - [An Ingress Controller](#an-ingress-controller) - - [TLS Configuration](#tls-configuration) - - [Redis Installation](#redis-installation) - - [Postgresql Installation](#postgresql-installation) - - [Minio Installation](#minio-installation) - - [Hashicorp Vault Installation](#hashicorp-vault-installation) - - [Prometheus \& Loki Installation](#prometheus--loki-installation) - - [Kubernetes Target clusters](#kubernetes-target-clusters) - - [OAuth2 Provider Setup](#oauth2-provider-setup) - - [SettleMint Platform Installation](#settlemint-platform-installation) - - [Additional Steps](#additional-steps) - -## [Requirements](#requirements) - -Before proceeding with the installation, ensure the following requirements are met: - -- Access to a google cloud account -- Pre-installed Google Cloud CLI (specifically the `gcloud` command) -- Helm 3 is installed -- Knowledge of Kubernetes, Helm, and GKE - -## [Managed Kubernetes Cluster Setup](#managed-kubernetes-cluster-setup) - -### [Establish a Cluster](#establish-a-cluster) - -In this guide, we are using a GKE cluster as an example. The cluster utilized is zonal, autoscaling, and comprised of `e2-standard-8` machines (8 vCPU/32GB Memory). The cluster can be created using the Google UI, the CLI, or infrastructure as code tools such as Terraform or Pulumi. Below is a sample cluster creation command: - -```bash -gcloud beta container --project "your-project-id" clusters create "trail-cluster" \ - --no-enable-basic-auth \ - --cluster-version "1.29.1-gke.1589017" \ - --release-channel "regular" \ - --machine-type "e2-standard-8" \ - --image-type "COS_CONTAINERD" \ - --disk-type "pd-balanced" \ - --disk-size "100" \ - --metadata disable-legacy-endpoints=true \ - --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" \ - --num-nodes "1" \ - --enable-ip-alias \ - --network "projects/your-project-id/global/networks/default" \ - --subnetwork "projects/your-project-id/regions/europe-west1/subnetworks/default" \ - --no-enable-intra-node-visibility \ - --default-max-pods-per-node "110" \ - --security-posture=standard \ - --workload-vulnerability-scanning=disabled \ - --enable-dataplane-v2 \ - --no-enable-master-authorized-networks \ - --addons HorizontalPodAutoscaling,HttpLoadBalancing,NodeLocalDNS,GcePersistentDiskCsiDriver \ - --enable-autoupgrade \ - --enable-autorepair \ - --max-surge-upgrade 1 \ - --max-unavailable-upgrade 0 \ - --binauthz-evaluation-mode=DISABLED \ - --autoscaling-profile optimize-utilization \ - --no-enable-managed-prometheus \ - --enable-shielded-nodes \ - --enable-l4-ilb-subsetting \ - --zone "europe-west1-b" -``` - -_Replace the placeholder `your-project-id` with your actual Google cloud project ID._ - -### [Configure the Kubeconfig](#configure-the-kubeconfig) - -To set up access to the cluster, get the kubeconfig for the cluster by following these steps: - -1. List clusters: - -```bash -gcloud container clusters list --project your-project-id -``` - -2. Get and set cluster credentials: - -```bash -gcloud container clusters get-credentials trail-cluster --region "europe-west1-b" --project your-project-id -``` - -_Replace the placeholder `your-project-id` with your actual Google cloud project ID._ - -3. Ensure the cluster is set as the active context in the kubeconfig. Use `kubectl config current-context` to verify. - -## [Helm Setup](#helm-setup) - -Sign in to the SettleMint Helm registry. Replace `` and `` with your actual credentials: - -```bash -helm registry login registry.settlemint.com --username --password -``` - -## [Prerequisites Installation](#prerequisites-installation) - -This section covers the installation prerequisites, including setting up an ingress controller, installing Redis, Postgresql, Minio, and more. - -### [An Ingress Controller](#an-ingress-controller) - -For this installation, we will use [Ingress-Nginx](https://kubernetes.github.io/ingress-nginx/). Install by running: - -```bash -helm upgrade --install ingress-nginx ingress-nginx \ - --repo https://kubernetes.github.io/ingress-nginx \ - --namespace ingress-nginx \ - --create-namespace -``` - -Wait a few minutes for the load balancer IP to become available. You can monitor the status by running: - -```bash -kubectl get service --namespace ingress-nginx ingress-nginx-controller --output wide --watch -``` - -Then, you need to link a domain name to the external load balancer IP. Create an A record in your DNS provider that points to this IP and ensure that it resolves: - -```bash -dig sandbox-demo.blockchaintransformationplatform.com -``` - -You will also need to create a wildcard CNAME `*.sandbox-demo.blockchaintransformationplatform.com` that points to `sandbox-demo.blockchaintransformationplatform.com` and confirm that it resolves: - -```bash -dig random.sandbox-demo.blockchaintransformationplatform.com -``` - -### [TLS Configuration](#tls-configuration) - -The platform can run without TLS, but it is highly insecure and not recommended. There are many options to add a TLS certificate to this URL. For the purpose of this guide, we will manually set up TLS using [cert-manager](https://cert-manager.io/docs/). Firstly, add the Jetstack Helm repository, update it, then install cert-manager: - -```bash -helm repo add jetstack https://charts.jetstack.io --force-update -helm repo update -helm upgrade --install \ - cert-manager jetstack/cert-manager \ - --namespace cert-manager \ - --create-namespace \ - --set installCRDs=true -``` - -To issue wildcard certificates, you MUST use the dns01 solver. Suppose this domain uses Cloudflare as the DNS provider. In this case, configure the dns01 resolver with Cloudflare. Start by making an API token for the zone on [https://dash.cloudflare.com/profile/api-tokens](https://dash.cloudflare.com/profile/api-tokens) and store it in this secret: - -```bash -kubectl apply -n cert-manager -f - < -EOF -``` - -Next, create a ClusterIssuer. You must replace the email address with your own email. Let's Encrypt will use this email to contact you about expiring certificates and issues related to your account: - -```bash -kubectl apply -f - <` and `` with your credentials: - -```bash -helm registry login registry.settlemint.com --username --password -``` - -The platform allows for extensive customisation, to check out all the options take a look at the values - -```bash -helm show values oci://registry.settlemint.com/settlemint-platform/settlemint --version 7.0.0 -``` - -We will do an installation based on the choices we made in the prerequisite section. - -```bash -helm upgrade --install settlemint oci://registry.settlemint.com/settlemint-platform/settlemint \ - --namespace settlemint \ - --version 7.0.0 \ - --create-namespace \ - --values - <" - annotations: - cert-manager.io/cluster-issuer: "letsencrypt" - nginx.ingress.kubernetes.io/ssl-redirect: "false" - tls: - - secretName: "blockchaintransformationplatform" - hosts: - - "sandbox-demo.blockchaintransformationplatform.com" - - "*.sandbox-demo.blockchaintransformationplatform.com" -redis: - host: redis-master.redis.svc.cluster.local - password: supersecretredispassword -postgresql: - host: postgresql.postgresql.svc.cluster.local - user: mypsqlusername - password: mysupersecretpsqlpassword - database: mypsqldbname -auth: - jwtSigningKey: "" - providers: - google: - enabled: true - clientID: "" - clientSecret: "" -vault: - address: http://vault.vault.svc.cluster.local:8200 - roleId: "" - secretId: "" -features: - observability: - metrics: - enabled: true - apiUrl: "http://victoria-metrics-victoria-metrics-single-server.observability.svc.cluster.local:8428/prometheus/api/v1" - logs: - enabled: true - apiUrl: "http://loki-gateway.observability.svc.cluster.local/loki/api/v1" - deploymentEngine: - platform: - domain: - hostname: "sandbox-demo.blockchaintransformationplatform.com" - clusterManager: - domain: - hostname: "sandbox-demo.blockchaintransformationplatform.com" - state: - s3ConnectionUrl: "s3://myminiobucket?region=eu-central-1&endpoint=minio.minio.svc.cluster.local:9000&disableSSL=true&s3ForcePathStyle=true" - credentials: - encryptionKey: "" - aws: - accessKeyId: "myminiousersvcacc" - secretAccessKey: "mysupersecretminiosvcaccountsecretkey" - region: "eu-central-1" - targets: - - id: gke - name: "Google Cloud" - icon: google - clusters: - - id: sandbox - name: "Sandbox Demo" - icon: belgium - location: - lat: 50.8505 - lon: 4.3488 - connection: - sameCluster: - enabled: true - namespace: - single: - name: deployments - domains: - service: - tls: true - hostname: "sandbox-demo.blockchaintransformationplatform.com" - storage: - storageClass: "standard-rwo" - ingress: - ingressClass: "settlemint-nginx" - capabilities: - mixedLoadBalancers: false -app: - replicaCount: 2 -api: - replicaCount: 2 -job: - resources: - requests: - cpu: 100m - memory: 512Mi - autoscaling: - enabled: true -deployWorker: - resources: - requests: - cpu: 100m - memory: 512Mi - autoscaling: - enabled: true -clusterManager: - replicaCount: 2 -docs: - replicaCount: 2 -EOF -``` - - - -**IMPORTANT:** Please refer to the actual SettleMint documentation for the most up-to-date, detailed, and accurate instructions. This is an illustrative guide and may be outdated or incorrect, and there may be additional configuration steps required for a fully functional deployment. - -## [Additional Steps](#additional-steps) - -Should an error occur during installation, debug the installation with the following command: - -```bash -helm upgrade --install --debug --dry-run ... -``` - -To delete the installation and try again, use: - -```bash -helm delete settlemint --namespace settlemint -``` - -And if you are stuck after this, there is a built in way to collect all the information SettleMint's Customer Success team needs to help you out. - -Install the support bundle plugin - -```bash -curl https://krew.sh/support-bundle | bash -``` - -Run the support bundle checks - -```bash -kubectl support-bundle --load-cluster-specs -``` - -You can then send the generated file to [support@settlemint.com](mailto:support@settlemint.com) - -Enjoy exploring the SettleMint Platform! - -**NOTE:** This sandbox installation of the SettleMint platform might not include the full functionalities of the platform. To explore a full-scale, premium tier of the SettleMint Platform, consider reaching out to the SettleMint team for a premium sandbox or subscription. \ No newline at end of file diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-embedded.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-embedded.md deleted file mode 100644 index 8e84965b..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-embedded.md +++ /dev/null @@ -1,223 +0,0 @@ ---- -sidebar_position: 2 -sidebar_label: 'Sandbox Installation: Embedded Prerequisites Integration' ---- -# SettleMint Platform Sandbox Installation Guide (embedded) - -This sandbox installation guide provides the steps for setting up and installing the SettleMint Blockchain Transformation Platform -on a managed Kubernetes cluster. The guide assumes a prior understanding of Kubernetes, CIVO Cloud, -and other relevant technologies. - -**NOTE:** Sandbox installations are not designed or suitable for production use and cannot be upgraded to a production-ready state. Use this sandbox setup at your own risk. - -## [Requirements](#requirements) - -Before proceeding with the installation, ensure the following requirements are met: - -- Access to a VM account - -## [Prerequisites Installation](#prerequisites-installation) - -This section covers the installation prerequisites, including setting up a domainname, installing Redis, Postgresql, Minio, and more. - -### [Domainname](#an-ingress-controller) - - -You need to link a domain name to the external load balancer IP. Create an A record in your DNS provider that points to this IP and ensure that it resolves: - -```bash -dig sandbox-demo.blockchaintransformationplatform.com -``` - -You will also need to create a wildcard CNAME `*.sandbox-demo.blockchaintransformationplatform.com` that points to `sandbox-demo.blockchaintransformationplatform.com` and confirm that it resolves: - -```bash -dig random.sandbox-demo.blockchaintransformationplatform.com -``` - -### [TLS Configuration](#tls-configuration) - -The platform can run without TLS, but it is highly insecure and not recommended. There are many options to add a TLS -certificate to this URL. In this guide we will leverage Cloudflare to provide TLS termination. - -For your domain, purchase ACM and enable Total TLS. This will provide TLS certificates for each of the domainnames configured. - -### [Redis Setup](#redis-setup) - -Create an account at [RedisCloud](https://app.redislabs.com) and create a new subscription. A fixed plan of 1GB should suffice for now. -Then create a new database, all the defaults are correct. - -Note the commections details as we will need them later, it will look something like - -``` -Public endpoint: redis-17220.c250.eu-central-1-1.ec2.cloud.redislabs.com:17220 -Default user password: redacted -``` - -### [Postgresql Setup](#postgresql-setup) - -For the Postgresql database we will be using the Serverless Postgres offering from [Neon](https://console.neon.tech). - -Create a new database and note the connections details (with pooling enabled) as we will need them later, it will look something like - -``` -postgresql://sandbox-demo_owner:************@ep-morning-moon-a20p0s24-pooler.eu-central-1.aws.neon.tech/sandbox-demo?sslmode=require -``` - -### [S3 Storage Setup](#s3-setup) - -We are using an AWS s3 bucket in this guide. Create a new bucket in your AWS account and again, all the defaults are correct. -Note the region and name of your bucket. - -To be able to access it use AWS IAM to generate a user with an access key, make sure to note the access key and the secret access key. - -Generate a state encryption key using `openssl rand -base64 32` and note it down. - -### [Hashicorp Vault Setup](#hashicorp-vault-setup) - -Hashicorp Vault is a tool for managing secrets and protecting sensitive data. It is open-source but only under a BSL-license -that prevents anyone from offering it as a service. So we will leverage their cloud offering for this. - -Create a new Vault cluster on the Hashicorp Cloud. For this demo the Development tier and extra small size is sufficient. -As a template choose `Start from Scratch`. - -When it is running, generate a new admin token from the UI and launch the web UI. - -Then, create three secret engines for the private keys of the platform: - -- Generic KV -- Path: - - ethereum - - ipfs - - fabric - -Next go to `Authentication Methods` and add a new `AppRole` method. -Then go to `Policies` and create a new role named btp with the following policy: - -```hcl -path "ethereum/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -path "fabric/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -path "ipfs/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -``` - -Next, open up the terminal create your app role: - -```bash -vault write auth/approle/role/platform-role \ - token_ttl=1h \ - token_max_ttl=4h \ - secret_id_ttl=6h \ - policies="btp" -``` - -To retrieve the Role ID and Secret ID for the `platform-role`, run: - -```bash -vault read auth/approle/role/platform-role/role-id -vault write -force auth/approle/role/platform-role/secret-id -``` - -Record the role id and secret id as they will be needed later. - -## [OAuth2 Provider Setup](#oauth2-provider-setup) - -In this example we will use Google login. Browse to https://console.developers.google.com/apis/credentials and on the top use `+ CREATE CREDENTIALS`, choose `OAuth client ID` and then as type `Web application`. - -In `Authorised JavaScript origins` add the domain name you created in the Ingress controller section, in this example `https://sandbox-demo.blockchaintransformationplatform.com`. In `Authorised redirect URIs` use `https://sandbox-demo.blockchaintransformationplatform.com/api/auth/callback/google`. - -You will get a Client ID and Client secret at the end of this process, note them down for later. - -We will also need a secret to encrypt the JWT token. Generate a random key with `openssl rand -base64 32` and record this for later. - -## [SettleMint Platform Installation](#settlemint-platform-installation) - -Install the plaform by first downloading the required files - -```bash -curl https://replicated.settlemint.com/embedded/settlemint-platform -H "Authorization: redacted" -o settlemint-platform.tgz -tar -xvzf settlemint-platform.tgz -``` - -and then installing them - -```bash -sudo ./settlemint-platform install --license license.yaml -``` - -Storage class -```bash -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: btp-storage -provisioner: openebs.io/local -reclaimPolicy: Delete -volumeBindingMode: WaitForFirstConsumer -allowVolumeExpansion: true -EOF -``` - -How to handle - -Answer the questions and wait for it to install the KOTS admin panel. - -``` -Enter the namespace to deploy to: settlemint - • Deploying Admin Console - • Creating namespace ✓ - • Waiting for datastore to be ready ✓ -Enter a new password for the admin console (6+ characters): •••••••••• - • Waiting for Admin Console to be ready ✓ - • Press Ctrl+C to exit - • Go to http://localhost:8800 to access the Admin Console -``` - -Browse to http://localhost:8800 and log in with the password you chose. - -From your CS contact you will have received a license file, upload it in the next screen. - -Then we will need to configure the platform using the values we collected above and then press continue. - -You should now be able to access the platform at https://sandbox-demo.blockchaintransformationplatform.com. - -**IMPORTANT:** Please refer to the actual SettleMint documentation for the most up-to-date, detailed, and accurate instructions. This is an illustrative guide and may be outdated or incorrect, and there may be additional configuration steps required for a fully functional deployment. - -## [Additional Steps](#additional-steps) - -Should an error occur during installation, debug the installation with the following command: - -```bash -helm upgrade --install --debug --dry-run ... -``` - -To delete the installation and try again, use: - -```bash -helm delete settlemint --namespace settlemint -``` - -And if you are stuck after this, there is a built in way to collect all the information SettleMint's Customer Success team needs to help you out. - -Install the support bundle plugin - -```bash -curl https://krew.sh/support-bundle | bash -``` - -Run the support bundle checks - -```bash -kubectl support-bundle --load-cluster-specs -``` - -You can then send the generated file to [support@settlemint.com](mailto:support@settlemint.com) - -Enjoy exploring the SettleMint Platform! - -**NOTE:** This sandbox installation of the SettleMint platform might not include the full functionalities of the platform. To explore a full-scale, premium tier of the SettleMint Platform, consider reaching out to the SettleMint team for a premium sandbox or subscription. \ No newline at end of file diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-kots.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-kots.md deleted file mode 100644 index c70b2836..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-kots.md +++ /dev/null @@ -1,256 +0,0 @@ ---- -sidebar_position: 3 -sidebar_label: 'Sandbox Installation: Prerequisites from Managed Service Providers, Using KOTS' ---- -# SettleMint Platform Sandbox Installation Guide with all prerequisites from managed service providers, using KOTS - -This sandbox installation guide provides the steps for setting up and installing the SettleMint Blockchain Transformation Platform -on a managed Kubernetes cluster. The guide assumes a prior understanding of Kubernetes, CIVO Cloud, -and other relevant technologies. - -**NOTE:** Sandbox installations are not designed or suitable for production use and cannot be upgraded to a production-ready state. Use this sandbox setup at your own risk. - -## [Requirements](#requirements) - -Before proceeding with the installation, ensure the following requirements are met: - -- Access to a CIVO account -- Knowledge of Kubernetes and CIVO - -## [Managed Kubernetes Cluster Setup](#managed-kubernetes-cluster-setup) - -### [Establish a Cluster](#establish-a-cluster) - -In this guide, we are using a CIVO cluster as an example. - -- Large standard size (3 nodes) -- A firewall with port 80 and 443 open -- From the marketplace - - Civo cluster autoscaler - - Nginx ingress controller - -### [Configure the Kubeconfig](#configure-the-kubeconfig) - -To set up access to the cluster, get the kubeconfig for the cluster by downloading it from the CIVO dashboard and merge it into your kubeconfig file - -```bash -cp ~/.kube/config ~/.kube/config_bk -KUBECONFIG=~/.kube/config:~/Downloads/civo.yaml kubectl config view --flatten > ~/.kube/config_tmp -mv ~/.kube/config_tmp ~/.kube/config -``` - -Ensure the cluster is set as the active context in the kubeconfig. Use `kubectl config current-context` to verify. - -## [Prerequisites Installation](#prerequisites-installation) - -This section covers the installation prerequisites, including setting up an ingress controller, installing Redis, Postgresql, Minio, and more. - -### [An Ingress Controller](#an-ingress-controller) - -From the marketplace install `Nginx`, if you have not during the cluster install - -Then, you need to link a domain name to the external load balancer IP. Create an A record in your DNS provider that points to this IP and ensure that it resolves: - -```bash -dig sandbox-demo.blockchaintransformationplatform.com -``` - -You will also need to create a wildcard CNAME `*.sandbox-demo.blockchaintransformationplatform.com` that points to `sandbox-demo.blockchaintransformationplatform.com` and confirm that it resolves: - -```bash -dig random.sandbox-demo.blockchaintransformationplatform.com -``` - -### [TLS Configuration](#tls-configuration) - -The platform can run without TLS, but it is highly insecure and not recommended. There are many options to add a TLS -certificate to this URL. In this guide we will leverage Cloudflare to provide TLS termination. - -For your domain, purchase ACM and enable Total TLS. This will provide TLS certificates for each of the domainnames configured. - -### [Redis Setup](#redis-setup) - -Create an account at [RedisCloud](https://app.redislabs.com) and create a new subscription. A fixed plan of 1GB should suffice for now. -Then create a new database, all the defaults are correct. - -Note the commections details as we will need them later, it will look something like - -``` -Public endpoint: redis-17220.c250.eu-central-1-1.ec2.cloud.redislabs.com:17220 -Default user password: redacted -``` - -### [Postgresql Setup](#postgresql-setup) - -For the Postgresql database we will be using the Serverless Postgres offering from [Neon](https://console.neon.tech). - -Create a new database and note the connections details (with pooling enabled) as we will need them later, it will look something like - -``` -postgresql://sandbox-demo_owner:************@ep-morning-moon-a20p0s24-pooler.eu-central-1.aws.neon.tech/sandbox-demo?sslmode=require -``` - -### [S3 Storage Setup](#s3-setup) - -We are using an AWS s3 bucket in this guide. Create a new bucket in your AWS account and again, all the defaults are correct. -Note the region and name of your bucket. - -To be able to access it use AWS IAM to generate a user with an access key, make sure to note the access key and the secret access key. - -Generate a state encryption key using `openssl rand -base64 32` and note it down. - -### [Hashicorp Vault Setup](#hashicorp-vault-setup) - -Hashicorp Vault is a tool for managing secrets and protecting sensitive data. It is open-source but only under a BSL-license -that prevents anyone from offering it as a service. So we will leverage their cloud offering for this. - -Create a new Vault cluster on the Hashicorp Cloud. For this demo the Development tier and extra small size is sufficient. -As a template choose `Start from Scratch`. - -When it is running, generate a new admin token from the UI and launch the web UI. - -Then, create three secret engines for the private keys of the platform: - -- Generic KV -- Path: - - ethereum - - ipfs - - fabric - -Next go to `Authentication Methods` and add a new `AppRole` method. -Then go to `Policies` and create a new role named btp with the following policy: - -```hcl -path "ethereum/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -path "fabric/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -path "ipfs/*" { - capabilities = ["create", "read", "update", "delete", "list"] -} -``` - -Next, open up the terminal create your app role: - -```bash -vault write auth/approle/role/platform-role \ - token_ttl=1h \ - token_max_ttl=4h \ - secret_id_ttl=6h \ - policies="btp" -``` - -To retrieve the Role ID and Secret ID for the `platform-role`, run: - -```bash -vault read auth/approle/role/platform-role/role-id -vault write -force auth/approle/role/platform-role/secret-id -``` - -Record the role id and secret id as they will be needed later. - -### Kubernetes Target clusters - -Next we will need to configure where the platform will deploy the services. We will set it up with a single namespace on the same cluster. - -We need to create the namespace we are going to deploy in: - -```bash -kubectl apply -f - <` and `` with your actual credentials: - -```bash -helm registry login registry.settlemint.com --username --password -``` - -## [Prerequisites Installation](#prerequisites-installation) - -This section covers the installation prerequisites, including setting up an ingress controller, installing Redis, Postgresql, Minio, and more. - -### [An Ingress Controller](#an-ingress-controller) - -From the marketplace install `NGINX Ingress Controller` - -Then, you need to link a domain name to the external load balancer IP. Create an A record in your DNS provider that points to this IP and ensure that it resolves: - -```bash -dig sandbox-demo.blockchaintransformationplatform.com -``` - -You will also need to create a wildcard CNAME `*.sandbox-demo.blockchaintransformationplatform.com` that points to `sandbox-demo.blockchaintransformationplatform.com` and confirm that it resolves: - -```bash -dig random.sandbox-demo.blockchaintransformationplatform.com -``` - -### [TLS Configuration](#tls-configuration) - -The platform can run without TLS, but it is highly insecure and not recommended. There are many options to add a TLS -certificate to this URL. For the purpose of this guide, we will install [cert-manager](https://cert-manager.io/docs/) from -the Digital Ocean Marketplace. - -To issue wildcard certificates, you MUST use the dns01 solver. Suppose this domain uses Cloudflare as the DNS provider. -In this case, configure the dns01 resolver with Cloudflare. Start by making an API token for the zone on -https://dash.cloudflare.com/profile/api-tokens and store it in this secret: - -```bash -kubectl apply -f -n cert-manager - < -EOF -``` - -Next, create a ClusterIssuer. You must replace the email address with your own email. Let's Encrypt will use this email to contact you about expiring certificates and issues related to your account: - -```bash -kubectl apply -f - <` and `` with your credentials: - -```bash -helm registry login registry.settlemint.com --username --password -``` - -The platform allows for extensive customisation, to check out all the options take a look at the values - -```bash -helm show values oci://registry.settlemint.com/settlemint-platform/settlemint --version 7.0.0 -``` - -We will do an installation based on the choices we made in the prerequisite section. - -```bash -helm upgrade --install settlemint oci://registry.settlemint.com/settlemint-platform/settlemint \ - --namespace settlemint \ - --version 7.0.0 \ - --create-namespace \ - --values - <` and `` with your credentials: - -```shell -helm registry login registry.settlemint.com --username --password -``` - -## Customization Options - -The platform allows for extensive customization. To explore all available options, view the chart values: - -```shell -helm show values oci://registry.settlemint.com/settlemint-platform/settlemint --version vX.X.X -``` - -## Helm Chart Configurations - -To install the SettleMint Platform, you must customize the Helm chart values according to your cluster's setup and services. Here's a breakdown of essential configurations: - -Check the [prerequisites](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/prerequisites/Infrastructure.md) section & [quick start example](/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/quick-start-examples-trial-installation/installation-trial-cluster.md) for more information! - -- **Ingress Configuration**: Define the hostname linked to your ingress controller's external IP. Use annotations for SSL and certificate issuer, such as `cert-manager.io/cluster-issuer: "letsencrypt"`. - -- **Redis Configuration**: Specify the Redis service URL and password, e.g., `redis-master.redis.svc.cluster.local` and `supersecretredispassword`. - -- **PostgreSQL Configuration**: Provide details such as host, user, password, and database name, for example, `postgresql.postgresql.svc.cluster.local`, `mypsqlusername`, `mysupersecretpsqlpassword`, and `mypsqldbname`. - -- **MinIO (S3 Storage)**: Format the connection URL for MinIO and include credentials. Ensure access is secured with an encryption key. - -- **Vault**: Define the Vault service URL, role ID, and secret ID for authentication and authorization purposes. - -- **Authentication**: Generate a secure key for JWT token signing. - -- **Observability**: Set endpoints for metrics and logs API, such as VictoriaMetrics and Loki. - -- **Additional Configurations**: Define the number of replicas for apps, APIs, jobs, and workers. Generate random values for encryption and secrets. - -### Deployment Command - -Once your values file is prepared, deploy the SettleMint Platform with the following command: - -```shell -helm upgrade --install settlemint oci://registry.settlemint.com/settlemint-platform/settlemint \ - --namespace settlemint \ - --version X.X.X \ - --create-namespace \ - --values -f YOUR-VALUES-FILE.YAML -``` - -### Example Values File - -Here's an example snippet from a values file for your reference: - -```yaml -helm upgrade --install settlemint oci://registry.settlemint.com/settlemint-platform/settlemint \ - --namespace settlemint \ - --version X.X.X \ - --create-namespace \ - --values - <" - annotations: - cert-manager.io/cluster-issuer: "letsencrypt" - nginx.ingress.kubernetes.io/ssl-redirect: "false" - tls: - - secretName: "blockchaintransformationplatform" - hosts: - - "sandbox-demo.blockchaintransformationplatform.com" - - "*.sandbox-demo.blockchaintransformationplatform.com" -redis: - host: redis-master.redis.svc.cluster.local - password: supersecretredispassword -postgresql: - host: postgresql.postgresql.svc.cluster.local - user: mypsqlusername - password: mysupersecretpsqlpassword - database: mypsqldbname -auth: - jwtSigningKey: "" - providers: - google: - enabled: true - clientID: "" - clientSecret: "" -vault: - address: http://vault.vault.svc.cluster.local:8200 - roleId: "" - secretId: "" -features: - advancedDeploymentConfig: - enabled: true - observability: - metrics: - enabled: true - apiUrl: "http://victoria-metrics-victoria-metrics-single-server.observability.svc.cluster.local:8428/prometheus/api/v1" - logs: - enabled: true - apiUrl: "http://loki-gateway.observability.svc.cluster.local/loki/api/v1" - deploymentEngine: - platform: - domain: - hostname: "sandbox-demo.blockchaintransformationplatform.com" - clusterManager: - domain: - hostname: "sandbox-demo.blockchaintransformationplatform.com" - state: - s3ConnectionUrl: "s3://myminiobucket?region=eu-central-1&endpoint=minio.minio.svc.cluster.local:9000&disableSSL=true&s3ForcePathStyle=true" - credentials: - encryptionKey: "" - aws: - accessKeyId: "myminiousersvcacc" - secretAccessKey: "mysupersecretminiosvcaccountsecretkey" - region: "eu-central-1" - targets: - - id: gke - name: "Google Cloud" - icon: google - clusters: - - id: sandbox - name: "Sandbox Demo" - icon: belgium - location: - lat: 50.8505 - lon: 4.3488 - connection: - sameCluster: - enabled: true - namespace: - single: - name: deployments - domains: - service: - tls: true - hostname: "sandbox-demo.blockchaintransformationplatform.com" - storage: - storageClass: "standard-rwo" - ingress: - ingressClass: "settlemint-nginx" - capabilities: - mixedLoadBalancers: false -app: - replicaCount: 2 -api: - replicaCount: 2 -job: - resources: - requests: - cpu: 100m - memory: 512Mi - autoscaling: - enabled: true -deployWorker: - resources: - requests: - cpu: 100m - memory: 512Mi - autoscaling: - enabled: true -clusterManager: - replicaCount: 2 -docs: - replicaCount: 2 -EOF -``` - -Ensure all configurations are tailored to your infrastructure and security requirements. For comprehensive guidance, refer to the prerequisites section and quick start examples. - -## Advanced deployment configuration - -If you need to override default Kubernetes configuration settings on the services you deploy (for example to add your own labels), you can do that in the advanced deployment configuration. - -Basic knowledge of Kubernetes is advised when using this feature. If you have any questions or doubts, feel free to reach out to our support team through the 'Contact us' button on the screen. - -### Enabling the Feature - -To enable advanced deployment configuration, add the following to your `values.yaml` file: - -```yaml -features: - advancedDeploymentConfig: - enabled: true -``` - -### How to use - -If you, for example, want to deploy a new blockchain node with the label `app=myapp` in Kubernetes, you can do the following in the platform: -- Navigate to your application -- Click 'Blockchain nodes' -- Click 'Add a blockchain node' -- Fill in the details for your node, choose a deployment plan and click 'Confirm' -- You'll see a form titled 'Advanced deployment configuration (optional)' -- Click 'Deployment' -- Add your label -- Click 'Confirm' at the bottom of the form - -### Configurable Options - -When enabled, you can configure the following aspects of your Kubernetes resources: -1. **Labels and Annotations** - - For Deployments, Ingress, and Services -2. **Environment Variables** - - Custom environment variables for your containers -3. **Tolerations** - - Specify which nodes your pods can be scheduled on -4. **Affinities** - - Define rules for pod scheduling preferences -5. **Node Selectors** - - Constrain pods to specific nodes diff --git a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/support-and-troubleshooting.md b/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/support-and-troubleshooting.md deleted file mode 100644 index 0fbbbe76..00000000 --- a/docs/launch-platform/self-hosted/installing-on-an-existing-cluster/support-and-troubleshooting.md +++ /dev/null @@ -1,39 +0,0 @@ ---- -sidebar_position: 6 -sidebar_label: Support and Troubleshooting - ---- - -# Support and Troubleshooting - -Should you need assistance at any stage of your installation or while utilizing the platform, the SettleMint team is here to help. Feel free to contact us at support@settlemint.com for any support you may require. - -Should an error occur during installation, debug the installation with the following command: - -``` -helm upgrade --install --debug --dry-run -``` - -To delete the installation and try again, use: - -``` -helm delete settlemint --namespace mynamespace -``` - -Install the support bundle plugin - -``` -curl https://krew.sh/support-bundle | bash -``` - -Run the support bundle checks - -``` -kubectl support-bundle --load-cluster-specs -``` - -You can then send the generated file to support@settlemint.com - -Enjoy exploring the SettleMint Platform! - -