Add basic Kubernetes installation documentation #220
Conversation
✅ Deploy Preview for seqera-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
@gavinelder, this is an initial pass based on my interpretation of your suggestions. |
|
|
||
| The following prerequisites are required to deploy Seqera on a Kubernetes cluster. | ||
|
|
||
| - A Kubernetes cluster version 1.30.2 or newer |
There was a problem hiding this comment.
We currently run 1.28 in our environments , pinning to a version may result in this doc being dated.
What about - A Kubernetes cluster running a supported version
There was a problem hiding this comment.
Completed an initial first-pass , will go through it in more detail shortly.
@gwright99 may also make a good reviewer for this content.
| This installation guide describes how to install Seqera Platform on a Kubernetes cluster. | ||
|
|
There was a problem hiding this comment.
Potentially expand on this and explain what the outcomes will be.
This installation guide describes how to install Seqera Platform on a Kubernetes cluster, at the end of the guide you will have a version of the platform running be able to log in etc.
| Seqera Enterprise is distributed as a collection of Docker containers available through the Seqera container registry [`cr.seqera.io`](https://cr.seqera.io). Contact [support](https://support.seqera.io) to get your container access credentials. After you've received your credentials, grant your cluster access to the registry: | ||
|
|
||
| 1. Retrieve the `name` and `secret` values from the JSON file that you received from Seqera support. | ||
|
|
||
| 1. Create a [secret][kubectl-secret] for the image pull secret: | ||
|
|
||
| ``` | ||
| kubectl create secret docker-registry cr.seqera.io \ | ||
| --docker-server=cr.seqera.io \ | ||
| --docker-username='<name>' \ | ||
| --docker-password='<secret>' | ||
| ``` | ||
|
|
||
| The credential `name` contains a dollar `$` character. Wrap the name in single quotes to prevent the Linux shell from interpreting this value as an environment variable. |
There was a problem hiding this comment.
General comment there is a potential here to do an advanced admin guide and make a recommendation to download and host a copy of the containers yourself which removes a dependancy on us and makes their platform more resilient and also removes the need for this secret to be maintained if they're using AWS ECR for example.
| <summary>View command output</summary> | ||
| ``` | ||
| NAME STATUS | ||
| pull-test Succeeded | ||
| ``` | ||
| </details> |
There was a problem hiding this comment.
Add a section to clean up and delete the pod once they have carried out this step ?
What should they do if they see ErrImagePull ?
| Configure the following environment variables. For more information about Seqera configuration options, see [Configuration overview](./configuration/overview.mdx). | ||
|
|
||
| :::tip | ||
| The `configmap.yml` manifest includes both the `tower.env` and `tower.yml` files. These files are made available to the other containers through volume mounts. |
There was a problem hiding this comment.
Why is this important is there a distinction between the two ?
Would it be better to say something like "To simplify management of configuration we will use the same configmap for all seqera resources such as tower etc ?
Is this an opertunity to move away from the word tower and make it platform ?
|
|
||
| ## 3. Configure Seqera Platform | ||
|
|
||
| Configure the following environment variables. For more information about Seqera configuration options, see [Configuration overview](./configuration/overview.mdx). |
There was a problem hiding this comment.
I feel like this section is missing a why section.
Seqera Services take their configuration for items such as what database to use from environment variables passed at runtime, to simplify this deployment we use a config-map which we will create in this step you can find out more about this in the configuration overview for example.
|
|
||
| ## Next steps | ||
|
|
||
| - Configure OpenID Connect (OIDC) for seamless integration with your identify provider |
There was a problem hiding this comment.
| - Configure OpenID Connect (OIDC) for seamless integration with your identify provider | |
| - Configure OpenID Connect (OIDC) for seamless integration with your identity provider |
What about Configure identity providers for seamless single sign-on we support more than OIDC AFAIK.
|
|
||
| - Configure OpenID Connect (OIDC) for seamless integration with your identify provider | ||
| - Configure ingress for your public cloud provider for load balancing and TLS termination | ||
| - Configure access to your organization's email server |
There was a problem hiding this comment.
| - Configure access to your organization's email server | |
| - Configure Seqera platform to send email notifications |
Rationalle for the change is they may not connect to the org's email server they may use a third-party service, this is more broad wording.
platform_versioned_docs/version-24.1/enterprise/kubernetes-minimal-install.mdx
Outdated
Show resolved
Hide resolved
…imal-install.mdx Signed-off-by: Justine Geffen <[email protected]>
Preview URL: https://deploy-preview-220--seqera-docs.netlify.app/platform/24.1/enterprise/kubernetes-minimal-install
The goal of this project is the improvement of the existing installation documentation. In particular, provide installation documentation for Kubernetes that is vastly simplified, providing the user with a turnkey working Kubernetes installation on any Kubernetes cluster, without any cloud provider specific requirements or configuration initially. This also works locally on Docker Desktop K8s.
This gives the user an immediately functional installation. Then we can build on this with Seqera recommended reference installations that cover best practice for ingress configuration, Redis and MySQL SaaS service integration, external SMTP server integration, custom TLS certificates for NF launcher, and so on.
For clarity, configuration files are functional minimums, without any extraneous fields. Any commands run include output and examples where ever possible, along with validation and confirmation steps.