Prepare the Kubernetes Environment

This page lists the tasks to prepare your Kubernetes environment so that you can install appd services.

Modify the Global Configuration File

Modify the globals.yaml.gotmpl file as follows:
Note:

Go to the directory where you have extracted the deployment files.

  1. Go to the following directory:
    CODE 
    ./byok8s/config
  2. Edit the globals.yaml.gotmpl file.
    CODE 
    vi globals.yaml.gotmpl
  3. Verify that the provider parameter is set to openshift.
    This parameter specifies which Kubernetes provider the Virtual Appliance uses for deployment.
  4. In the dnsDomain parameter, specify the external DNS domain for routes.
    Note: To find your external DNS domain, run this command:
    CODE 
    oc get ingresses.config/cluster -o jsonpath='{.spec.domain}'

    Example:

    CODE 
    appd.apps.rosa.mycluster.openshiftapps.com
  5. In the global.imageRegistry parameter, specify the container registry URL.
    CODE 
    myregistry.example.com:5000
  6. In global.storageClass, verify that the default Storage Class is created for the cluster.
    CODE 
    use-default
  7. In the coredns.clusterIP parameter, specify the available static cluster IP address.
JSON 
# Set provider
{{- $provider := "openshift" }}

# Set DNS domain
{{- $dnsDomain := "appd.apps.rosa.mycluster.openshiftapps.com" }}

# Set registry URL
global:
  imageRegistry: "custom-registry-appd-registry.apps.rosa.mycluster.openshiftapps.com"

Configure the CoreDNS

A CoreDNS configuration is required within the Kubernetes cluster to enable internal communication for appd services without relying on external DNS hostnames. Since the platform CoreDNS cannot be modified directly, a separate CoreDNS instance is deployed in the cisco-coredns namespace.
Note:

Go to the directory where you have extracted the deployment files.

Perform the following steps to configure CoreDNS:

  1. Identify the available cluster IP address that is within the cluster's service CIDR range.
    You can run the ./scripts/find-available-service-ip.sh file. Or, manually find the required IP addresses.

    These are example commands to find the available IP addresses:

    CODE 
    # Find an available IP with .53 suffix (ideal for DNS — port 53 convention)
./scripts/find-available-service-ip.sh -c 1 -s 53

# Find 5 available IPs (default)
./scripts/find-available-service-ip.sh

# Find 3 available IPs
./scripts/find-available-service-ip.sh -c 3

# Dry-run: show service CIDR info without scanning
./scripts/find-available-service-ip.sh --dry-run

    Command options:

    Option Description Default
    -c, --count <N> Returns the count of available IP addresses. 5
    -s, --suffix <N> Returns the preferred last-octet suffix (1–254). For example, 53 for DNS. none
    --dry-run Displays CIDR info only and skips IP scan. Off
    -h, --help Displays the usage help. -
  2. Edit the globals.yaml.gotmpl file with the following code:
    CODE 
    coredns:
  clusterIP: "10.0.0.1"

Place Your License File in your Kubernetes Cluster

Copy the license file into your Kubernetes cluster so that the Helm charts can access it during deployment.
Note:

Go to the directory where you have extracted the deployment files.

  1. Copy the downloaded license file to the config folder of the Virtual Appliance.
    CODE 
    cp /<path-of-your-license-file>/license.lic ./config/license.lic
  2. Verify the license file in Virtual Appliance.
    CODE 
    cat ./config/license.lic | head -5

Create and Modify the Secrets File

Use the secrets template to create a secret file and update the necessary credentials.
  1. Use secrets.yaml.template to create a secrets.yaml and update its access permissions.
    CODE 
    cd config
cp secrets.yaml.template secrets.yaml
chmod 600 secrets.yaml
  2. Update the necessary credentials in the secrets file.
    1. Specify the credentials in the appdController section.
      • rootPassword : Reset the Root password to access Controller administration page. Default value is welcome .
      • adminUsername : create and specify the administrator username. Default value is admin .
      • adminPassword : create and specify the password for the admin user. Default value is welcome .
      YAML 
      appdController:
	rootUsername: root
	rootPassword: welcome
	rootAccountname: system
	adminUsername: admin
	adminPassword: welcome
    2. Specify your MySQL credentials.
      YAML 
      mysql:
	secret:
		rootUser: root
		rootPassword: <Password>
		rootHost: '%'
		eumDb: eum_db
		eumDbUser: eum_user
		eumDbPassword: <Password>
    3. Specify your PostgreSQL credentials.
      CODE 
      postgres:
  users:
    postgres:
      password: "postgres-password"
    pgtest:
      password: "pgtest-password"
    4. Verify that the TLS keystore password is chageit.
      Note: Do not change the TLS keystore password.
      YAML 
      tls:
keyStorePassword: changeit