Installing Hybrid Manager on AWS EKS
You can install the Hybrid Manager (HM) on Amazon EKS.
Important
Completed the prerequisites before you start this part of the installation process.
Set the version to install
The version of the EDB Software Deployment platform is set by the environment variable EDB_PLATFORM_VERSION. This should be set to the version of the platform you wish to install. For example, to install version v1.2.0, you would set the environment variable as follows:
export EDB_PLATFORM_VERSION="v1.2.0"
Set your token
This installation process requires that you save your EDB subscription token as an environment variable. You can obtain it by going to your EDB Account Profile. (Log in if prompted to.) There you will find an entry for Repos 2.0 token:
Take this value and set it as an environment variable:
export EDB_SUBSCRIPTION_TOKEN="your-token"
Obtain the bootstrap kit
Hybrid Manager is installed using a bootstrap kit. This kit is a collection of scripts and Helm charts that are used to install the EDB Software Deployment platform.
Copy all files to a directory on your local machine and cd into that directory.
Install secrets
The bootstrap process requires a number of secrets to be installed in the Kubernetes cluster. These secrets are used to authenticate with the EDB Download Repository and to store the credentials for the EDB Software Deployment platform.
to install the secrets required for the bootstrap process, run the install-secrets.sh script. (As you already set the token as an environment variable, you can pipe it into the script.)
echo $EDB_SUBSCRIPTION_TOKEN | $SHELL eks-install-secrets.sh
Enter the password for pgai-platform@docker.enterprisedb.com
Creating secret edb-cred
namespace/upm-replicator configured
secret/edb-cred configured
namespace/edbpgai-bootstrap configured
secret/edb-cred configured
secret/edb-cred annotated
PG_CONFOUNDING_KEY is 01234567890123456789ABCDEFG - store safely
Installation completedThis process creates secrets needed for Hybrid Manager to run. You can find out more about these secrets in:
A secret for Griptape and DeltaLake object storage configuration (optional for GenAI Builder)
A secret for Catalog (optional for using Catalog)
See also custom secrets for Migration Portal (optional to secure internal communications with Migration Portal)
Prepare the values file
The bootstrap process requires a number of values to be set in the Helm chart. These values are stored in a file called values.yaml. You can create this file by running the prepare.sh script, which uses variables from the default-env.sh file. Edit the default-env.sh file to set the values you require.
This is the default default-env.sh file:
# exports for EKS export EDB_PLATFORM_VERSION="v1.2.0" export EDB_TARGET_PLATFORM="eks" export CONTAINER_REGISTRY_URI="docker.enterprisedb.com/pgai-platform" export IMAGESET_REGISTRY_URI=$CONTAINER_REGISTRY_URI export IMAGESET_AUTHTYPE="token" export PORTAL_DOMAIN_NAME="portal.foo.network" export TRANSPORTER_RW_SERVICE_DOMAIN_NAME="transporter.foo.network" export BEACON_SERVICE_DOMAIN_NAME="beacon.foo.network" export AUTHENTICATION_EMAIL="owner@mycompany.com" export AUTHENTICATION_USER="owner@mycompany.com" export LOCATION_NAME="default-location" # Set a password hash for the user or pass a password to have it hashed for you. # If you pass a password, you will need to remove it from your history. # You can hash a password using the following command: # echo -n "password" | htpasswd -BinC 10 admin | cut -d: -f2 # #export AUTHENTICATION_PASSWORD="password" export AUTHENTICATION_PASSWORD_HASH="$2y$10$vKOAXfLHbeV1OQxMpxlLdOIwnX.JAN.ZrD9ZU//ocrNQwhQIMtXhy"
Here is a brief guide to the variables in the default-env.sh file.
| Variable | Description |
|---|---|
| EDB_TARGET_PLATFORM | The target platform for the installation. Set to eks as we are installing on Amazon EKS. |
| CONTAINER_REGISTRY_URI | The URI of the container registry to use. This is set to the EDB Download Repository. |
| IMAGESET_REGISTRY_URI | The URI of the image set registry. This is set to the EDB Download Repository. |
| IMAGESET_AUTHTYPE | The authentication type for the image set registry. Set to token as we are using a token to authenticate with the EDB Download Repository. |
| TRANSPORTER_RW_SERVICE_DOMAIN_NAME | The domain name for the Transporter service. |
| PORTAL_DOMAIN_NAME | The domain name for the portal. |
| BEACON_SERVICE_DOMAIN_NAME | The domain name for the beacon service. |
| AUTHENTICATION_EMAIL | The email address of the user to create. |
| AUTHENTICATION_USER | The username of the user to create. |
| AUTHENTICATION_PASSWORD | The password of the user to create. This can be set as plain text or as a hash with AUTHENTICATION_PASSWORD_HASH. |
| AUTHENTICATION_PASSWORD_HASH | The hash of the password to create. |
| LOCATION_NAME | The location name for the beacon agent, also known as Agent. |
Run the prepare.sh script to create the values.yaml file.
$SHELL prepare.shThis create a values.yaml file with the values set in the default-env.sh file.
Install the Helm chart repo with the following command:
helm repo add edbpgai "https://downloads.enterprisedb.com/${EDB_SUBSCRIPTION_TOKEN}/pgai-platform/helm/charts"
Once the charts repository is added, ensure it is up to date:
helm repo update
Now you can create the values.yaml file from the helm repo using the following command:
helm show values edbpgai/edbpgai-bootstrap > values.yamlYou now have a values.yaml file with the chart's default values for the bootstrap process.
You need to create two values for the bootstrap process. These are the AES_256_KEY and the AUTHENTICATION_PASSWORD_HASH. You can create these values with the following commands:
export AES_256_KEY=$(openssl rand -base64 32)
If you have a password to hash, you can do so with the following command:
export AUTHENTICATION_PASSWORD_HASH=$(echo -n $AUTHENTICATION_PASSWORD | htpasswd -BinC 10 admin | cut -d: -f2)
You now need to edit values.yaml file and set the values required for your installation. Find the appropriate key in the values.yaml file and set the values as follows. Replace $<name> entries with the value you have set the environment variables of the same name to.
- Sets
bootstrapImageNameto $CONTAINER_REGISTRY_URI followed by "/edbpgai-bootstrap/bootstrap-" and then $EDB_TARGET_PLATFORM. eg, given the values above, this would bedocker.enterprisedb.com/pgai-platform/edbpgai-bootstrap/bootstrap-eks. - Set
bootstrapImageTagto $EDB_PLATFORM_VERSION. - Set
parameters.upm-istio.cookie_aeskeyto $AES_256_KEY. - Set
containerRegistryURLto $CONTAINER_REGISTRY_URI. - Set
systemto $EDB_TARGET_PLATFORM. - Set
parameters.global.portal_domain_nameto $PORTAL_DOMAIN_NAME. - Set
parameters.transporter-rw-service.domain_nameto $TRANSPORTER_RW_SERVICE_DOMAIN_NAME. - Set
parameters.transporter-dp-agent.rw_service_urltohttps://followed by $TRANSPORTER_RW_SERVICE_DOMAIN_NAME followed by/transporter. eg, given the values above, this would behttps://transporter.foo.network/transporter. - Set
parameters.upm-beacon.server_hostto $BEACON_SERVICE_DOMAIN_NAME. - Set
pgai.portal.authentication.staticPasswords[0].emailto $AUTHENTICATION_EMAIL. - Set
pgai.portal.authentication.staticPasswords[0].hashto $AUTHENTICATION_PASSWORD_HASH. - Set
pgai.portal.authentication.staticPasswords[0].usernameto $AUTHENTICATION_USER. - Set
pgai.portal.authentication.staticPasswords[0].userID"c5998173-a605-449a-a9a5-4a9c33e26df". - Set
beaconAgent.locationto $LOCATION_NAME
Apply the Helm chart
With the values.yaml file prepared, you can apply the Helm chart to start the bootstrap process. This create the necessary resources in the Kubernetes cluster to start the bootstrap process.
helm upgrade -n edbpgai-bootstrap \ --install -f ./values.yaml \ --version "${EDB_PLATFORM_VERSION/-appl/+appl}" \ edbpgai-bootstrap edbpgai/edbpgai-bootstrap
This command installs the bootstrap container in the Kubernetes cluster. The bootstrap container then installs the rest of the EDB Software Deployment platform.
Follow the bootstrap process
The bootstrap process takes time to complete. You can follow the progress by looking at the logs of the bootstrap container:
kubectl logs -f -l app=edbpgai-bootstrap -n edbpgai-bootstrap
Configure the IP address in /etc/hosts
Obtain the IP address of your ingress gateway to configure in your /etc/hosts file. Run:
kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' | strings | nslookup
This command returns output like:
Server: 192.168.111.1
Address: 192.168.111.1#53
Non-authoritative answer:
Name: k8s-istiosys-istioing-b3dc9b4f3c-81dc5c45b1d5f6d2.elb.us-east-1.amazonaws.com
Address: 52.70.180.102At this point your have the IP address of the portal. You can add this IP address to your DNS service and map it to the domain name you set in the default-env.sh file, which is portal.foo.network in this example.
If you do not have a DNS service configured, consider adding the IP address to your local /etc/hosts file. This will allow you to access the Hybrid Manager portal using the domain name you set in the default-env.sh file.
You can then add IP address to your /etc/hosts file like this:
echo "52.70.180.102 portal.foo.network" | sudo tee -a /etc/hosts
Substitute the IP address with the value you obtained earlier.
Next steps
You can now verify the installation by connecting to the HM Console.
← Prev
Install Hybrid Manager on EKS
↑ Up
Install Hybrid Manager on EKS
Next →
Installing Hybrid Manager on AWS EKS using the Hybrid Manager Operator
Could this page be better? Report a problem or suggest an addition!