If you are a happy owner of Aidbox.Enterprise and want to deploy it to a Kubernetes cluster, follow these steps.
Let's create a Secret resource with credentials for the database. The first step is to create an env-file
like this:
```
# file: aidboxdb
POSTGRES_USER=postgres
POSTGRES_PASSWORD=yoursecretpasswrod
```
Now, let's generate a Secret resource:
```
kubectl create secret generic --dry-run -o yaml aidboxdb \
  --from-env-file=aidboxdb > aidboxdb-secret.yaml
```
You will get a file like this which you can put under source control.
```yaml
# aidboxdb-secret.yaml
apiVersion: v1
data:
  POSTGRES_PASSWORD: eW91cnNlY3JldHBhc3N3cm9k
  POSTGRES_USER: cG9zdGdyZXM=
kind: Secret
metadata:
  creationTimestamp: null
  name: aidboxdb
```
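The values under `data` in this manifest are base64-encoded, not encrypted. The following added example (not part of the original guide) mirrors how the env-file maps to the Secret's `data` field and shows that the stored values decode straight back to the credentials; the env-file parsing rules are a simplified assumption, and the comment line in the sample input is constructed.

```python
import base64

# Constructed sample: the env-file from this guide plus one comment line.
ENV_FILE = """\
# database credentials
POSTGRES_USER=postgres
POSTGRES_PASSWORD=yoursecretpasswrod
"""

# The data section of the generated Secret, copied from the manifest above.
MANIFEST_DATA = {
    "POSTGRES_PASSWORD": "eW91cnNlY3JldHBhc3N3cm9k",
    "POSTGRES_USER": "cG9zdGdyZXM=",
}


def parse_env_file(text):
    """Parse KEY=VALUE lines, skipping blank lines and '#' comments.

    Assumption: the value is everything after the first '=', taken
    literally (no quote or escape processing).
    """
    pairs = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.lstrip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or not key:
            raise ValueError(f"line {lineno}: expected KEY=VALUE")
        pairs[key] = value
    return pairs


def encode_secret_data(pairs):
    """Build the Secret 'data' map: base64 of each UTF-8 value."""
    return {k: base64.b64encode(v.encode()).decode("ascii")
            for k, v in pairs.items()}


def decode_secret_data(data):
    """Recover plaintext from a Secret 'data' map; no key is needed."""
    return {k: base64.b64decode(v, validate=True).decode("utf-8", "replace")
            for k, v in data.items()}


if __name__ == "__main__":
    assert encode_secret_data(parse_env_file(ENV_FILE)) == MANIFEST_DATA
    for name, value in decode_secret_data(MANIFEST_DATA).items():
        print(f"{name} = {value}")
```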
Create the resource in the cluster:
```
kubectl apply -f aidboxdb-secret.yaml
kubectl get secrets
```
Now we are ready to deploy the database (custom PostgreSQL build):
```yaml
# aidboxdb.yaml
---
# create volume for database
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: aidboxdb
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
---
# deploy db as statefulset
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: aidboxdb
  labels:
    app: aidboxdb
spec:
  replicas: 1
  serviceName: aidboxdb
  selector:
    matchLabels:
      app: aidboxdb
  template:
    metadata:
      labels:
        app: aidboxdb
    spec:
      containers:
        - image: aidbox/db:11.4.0
          imagePullPolicy: Always
          name: postgres
          ports:
            - containerPort: 5432
              protocol: TCP
          envFrom:
            - secretRef:
                name: aidboxdb
          volumeMounts:
            - mountPath: /data
              name: aidboxdb
              subPath: pgdata
      volumes:
        - name: aidboxdb
          persistentVolumeClaim:
            claimName: aidboxdb
---
# headless service for aidboxdb
apiVersion: v1
kind: Service
metadata:
  name: aidboxdb
  labels:
    service: aidboxdb
spec:
  ports:
    - name: postgresql
      port: 5432
      protocol: TCP
      targetPort: 5432
  selector:
    app: aidboxdb
  sessionAffinity: ClientIP
  clusterIP: None
  type: ClusterIP
```
Apply the manifest and check that the database is up and running:
```
kubectl apply -f aidboxdb.yaml
kubectl get pods
kubectl logs -f aidboxdb-0
kubectl exec -it aidboxdb-0 -- psql postgres
psql:> \l
psql:> \q
```
You need access to the Aidbox.Enterprise Docker image (AIDBOX_IMAGE), something like us.gcr.io/aidbox2-205511/aidbox-enterprise:0.4.6
```yaml
# aidbox.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: aidbox
  labels:
    system: aidbox
spec:
  replicas: 1
  # apps/v1 requires an explicit selector matching the pod template labels
  selector:
    matchLabels:
      system: aidbox
  template:
    metadata:
      labels:
        system: aidbox
    spec:
      containers:
        - name: aidbox
          image: "{{AIDBOX_IMAGE}}"
          imagePullPolicy: Always
          env:
            - name: AIDBOX_CLUSTER_SECRET
              value: "entsecret"
            - name: AIDBOX_CLUSTER_DOMAIN
              value: "fhir.my.io"
            - name: AIDBOX_BASE_URL
              value: "https://fhir.my.io"
            - name: AIDBOX_PORT
              value: "8080"
            - name: PGHOST
              value: aidboxdb
            - name: PGPORT
              value: '5432'
            # database credentials come from the aidboxdb Secret
            - name: PGUSER
              valueFrom:
                secretKeyRef:
                  name: aidboxdb
                  key: POSTGRES_USER
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  name: aidboxdb
                  key: POSTGRES_PASSWORD
            # if you want to log in with GitHub or Google
            - name: GITHUB_CLIENT_ID
              value: <...>
            - name: GITHUB_CLIENT_SECRET
              value: <....>
            - name: GITHUB_ORGANIZATION
              value: <...>
            - name: GOOGLE_CLIENT_ID
              value: <...>
            - name: GOOGLE_CLIENT_SECRET
              value: <....>
            - name: GOOGLE_ORGANIZATION
              value: <...>
          ports:
            - containerPort: 8080
              protocol: TCP
          readinessProbe:
            httpGet:
              scheme: HTTP
              path: /__healthcheck
              port: 8080
            initialDelaySeconds: 20
            timeoutSeconds: 10
            periodSeconds: 10
            failureThreshold: 30
```
Now we can deploy it:
```
kubectl apply -f aidbox.yaml
kubectl get pods
kubectl logs -f aidbox-....
```