Skip to content

Setup

Jump to bottom
Maher Ali edited this page Mar 9, 2021 · 19 revisions

I have a custer how to install Trafik?

Step 0: Convention

LA Trafik requires some conventions in place, Nomad Task needs to match the service name registration in consul The reason is the way consolidation logic works between docker metadata and consul catalog API.

Step 1: Verify raw_exec is enabled on clients

Before installing LA Trafik in existing cluster make sure the nodes (clients) have the raw_exec enabled. This is a must to run sampler.sh which will take samples of the container traffic. How to enable it just check the following script in the LiteArch LAB which installs the clients and enable the raw_exec capability, search for raw_exec and you will get the plugin configuration section:

https://github.com/mahermali/litearch.lab/blob/main/client.sh

Step 2: Jq

All Nomad client needs to have Jq installed.

Step 3: sampler artifact location

LA Trafik depends on a shell script to take samples of network packets, now this file will be run as part of system job with raw_exec as you can see in the collector.nomad file: https://github.com/mahermali/litearch.lab/blob/main/jobs/litearch/trafik/collector.nomad

Now if you have corporate proxy or getting access to the github repository from your network is prohibited then you can host the file on internal HTTP server and update the collector.nomad artifact section with the new link.

Step 4: LiteArch Containers location

If you have on premise installation where there is no access to docker hub online registry or because of the new limitation of docker hub daily requests from unique IPs, you might have artifactory installed on local network. It's then advised to pull all LiteArch images, tag them with your local repositories and push them to artifactory:

docker pull maherali/litearch-trafik-collector:latest
docker pull maherali/litearch-trafik-consolidator:latest
docker pull maherali/litearch-trafik-api:latest
docker pull maherali/litearch-trafik-portal:latest

docker tag maherali/litearch-trafik-collector container.internal.artifactory:443/litearch-trafik-collector:latest
docker tag maherali/litearch-trafik-consolidator container.internal.artifactory:443/litearch-trafik-consolidator:latest
docker tag maherali/litearch-trafik-api container.internal.artifactory:443/litearch-trafik-api:latest
docker tag maherali/litearch-trafik-portal container.internal.artifactory:443/litearch-trafik-portal:latest


docker login -u username -p password container.internal.artifactory:443

docker push container.internal.artifactory:443/litearch-trafik-collector:latest
docker push container.internal.artifactory:443/litearch-trafik-consolidator:latest
docker push container.internal.artifactory:443/litearch-trafik-api:latest
docker push container.internal.artifactory:443/litearch-trafik-portal:latest

If you have pushed the latest images to local repositories, the new change needs to be reflected on LA Trafik nomad jobs deployed to your cluster, specifically the following files:

https://github.com/mahermali/litearch.lab/blob/main/jobs/litearch/trafik/collector.nomad

https://github.com/mahermali/litearch.lab/blob/main/jobs/litearch/trafik/consolidator.nomad

https://github.com/mahermali/litearch.lab/blob/main/jobs/litearch/trafik/api.nomad

https://github.com/mahermali/litearch.lab/blob/main/jobs/litearch/trafik/portal.nomad

Step 5: 50777

LiteArch will use static port mapping for the collector job, the reserved port is: 50777 and it should be available on every node in your cluster.

Step 6: Redis

LA Trafik uses redis database as a backend storage, where all the keys starts with LA If you ran LiteArch LAB you can notice there is a job to install redis server in the cluster.

Step 7: Configure Environment variables

Environment variables are redis and consul service which might be different according to you chosen domain which might be different from the default domain (consul) If you are using ACL enabled consul cluster you will need a valid ACL Token as well.

Collector

template {
        env=true
        destination="secrets/file.env"
        data= <<EOH
Environment=Development
Configuration__ConnectionString="redis.service.consul"
Configuration__Port="50777"
Configuration__StartRetentionSeconds="3"
Configuration__MaxRetentionSeconds="300"
          EOH
      }

Consolidator

template {
        env=true
        destination="secrets/file.env"
        data= <<EOH
Environment=Development
Configuration__ConnectionString**="redis.service.consul:6379"
Configuration__ConsulToken=""
Configuration__ConsulUrl="http://consul.service.consul:8500"
          EOH
      }

API

template {
        env=true
        destination="secrets/file.env"
        data= <<EOH
Environment=Development
Configuration__ConnectionString="redis.service.consul"
        EOH
      }

Step 8: Portal and API prefixes

The portal has environment variables to customize the deployment behind gateways for example: NGINX One variable would be the link to API endpoint The second variable would be the portal prefix These variables are set in the LAB by replacing the token #API with the api deployed to the LAB

template {
        env=true
        destination="secrets/file.env"
        data= <<EOH
TRAFIK_API_URL="#API"
TRAFIK_PORTAL_PREFIX="trafik-portal"
        EOH
      }

Step 9: Deploy

After finishing the previous steps you have now four ready-to-deploy nomad jobs. They are:

  1. collector.nomad
  2. api.nomad
  3. portal.nomad
  4. consolidator.nomad

Table of Content

  1. Overview
  2. LAB
  3. Setup
  4. Architecture

Clone this wiki locally