Skip to content

Setup in Google Kubernetes Engine

Deploy Eclipse Dirigible in Google Kubernetes Engine (GKE) environment.

Prerequisites

Steps


  1. Access the Google Kubernetes Engine (GKE) environment via the Google Cloud Console:

  2. Create deployment configuration file: deployment.yaml

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: dirigible
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: dirigible
      template:
        metadata:
          labels:
            app: dirigible
        spec:
          containers:
            - name: dirigible
              image: dirigiblelabs/dirigible-all:latest
              imagePullPolicy: Always
              resources:
                requests:
                  memory: "1Gi"
                  cpu: "0.5"
                limits:
                  memory: "4Gi"
                  cpu: "2"
              ports:
                - name: http
                  containerPort: 8080
              env:
                - name: DIRIGIBLE_THEME_DEFAULT
                  value: "fiori"
    
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: dirigible
    spec:
      replicas: 1
      strategy:
        type: Recreate
      selector:
        matchLabels:
          app: dirigible
      template:
        metadata:
          labels:
            app: dirigible
        spec:
          containers:
            - name: dirigible
              image: dirigiblelabs/dirigible-all:latest
              imagePullPolicy: Always
              resources:
                requests:
                  memory: "1Gi"
                  cpu: "0.5"
                limits:
                  memory: "4Gi"
                  cpu: "2"
              ports:
                - name: http
                  containerPort: 8080
              env:
                - name: DIRIGIBLE_THEME_DEFAULT
                  value: "fiori"
              volumeMounts:
                - name: dirigible-data
                  mountPath: /usr/local/tomcat/target/dirigible/repository
          volumes:
            - name: dirigible-data
              persistentVolumeClaim:
                claimName: "dirigible-data"
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: dirigible-data
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
    
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: dirigible
    spec:
      replicas: 1
      strategy:
        type: Recreate
      selector:
        matchLabels:
          app: dirigible
      template:
        metadata:
          labels:
            app: dirigible
        spec:
          containers:
            - name: dirigible
              image: dirigiblelabs/dirigible-keycloak:latest
              imagePullPolicy: Always
              resources:
                requests:
                  memory: "1Gi"
                  cpu: "0.5"
                limits:
                  memory: "4Gi"
                  cpu: "2"
              ports:
                - name: http
                  containerPort: 8080
              env:
                - name: DIRIGIBLE_THEME_DEFAULT
                  value: "fiori"
                - name: DIRIGIBLE_KEYCLOAK_ENABLED
                  value: "true"
                - name: DIRIGIBLE_KEYCLOAK_AUTH_SERVER_URL
                  value: <your-keycloak-auth-server>
                - name: DIRIGIBLE_KEYCLOAK_REALM
                  value: <your-keycloak-realm>
                - name: DIRIGIBLE_KEYCLOAK_SSL_REQUIRED
                  value: external
                - name: DIRIGIBLE_KEYCLOAK_CLIENT_ID
                  value: <your-keycloak-client-id>
                - name: DIRIGIBLE_KEYCLOAK_CONFIDENTIAL_PORT
                  value: "443"
              volumeMounts:
                - name: dirigible-data
                  mountPath: /usr/local/tomcat/target/dirigible/repository
          volumes:
            - name: dirigible-data
              persistentVolumeClaim:
                claimName: "dirigible-data"
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: dirigible-data
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
    

    Replace Placeholders

    Before deploying, replace the following placeholders:

    • <your-keycloak-auth-server> with your Keycloak Auth server (e.g. https://keycloak-server/auth/).
    • <your-keycloak-realm> with your Keycloak Realm (e.g. my-realm).
    • <your-keycloak-client-id> with your Keycloak Client Id (e.g. my-client).

    Eclipse Dirigible versions

    Instead of using the latest tag (version), for production and development use cases it is recomended to use a stable release version:

    • All released versions can be found here.
    • All Eclipse Dirigible Docker images and tags (versions) can be found here.
  3. Create service configuration file: service.yaml

    apiVersion: v1
    kind: Service
    metadata:
      name: dirigible
      labels:
        app: dirigible
    spec:
      ports:
        - name: http
          port: 8080
      type: ClusterIP
      selector:
        app: dirigible
    
    apiVersion: v1
    kind: Service
    metadata:
      name: dirigible
      labels:
        app: dirigible
    spec:
      ports:
        - name: http
          port: 8080
      type: NodePort
      selector:
        app: dirigible
    ---
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: dirigible
    spec:
      rules:
        - host: <set-your-domain-or-ip>
          http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: dirigible
                    port:
                      number: 8080
    

    Note

    Prerequisites

    • Install Istio, if not already installed.
    • Install cert-manager, if not already installed.
    • Register your zone in Google Cloud PlatformCloud DNS, if not already registered.

    Register DNS Record Set

    • Get the Istio Ingress Gateway IP:
    kubectl get service -n istio-system istio-ingressgateway -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
    
    • Register DNS Record Set:
    gcloud dns record-sets transaction start --zone=<your-cloud-dns-zone-name>
    
    gcloud dns record-sets transaction add <istio-ingress-gateway-ip> \
    --name=dirigible.<your-custom-domain> \
    --ttl=300 \
    --type=A \
    --zone=<your-cloud-dns-zone-name>
    
    gcloud dns record-sets transaction execute --zone=<your-cloud-dns-zone-name>
    
    apiVersion: cert-manager.io/v1
    kind: Certificate
    metadata:
      name: dirigible
    spec:
      secretName: dirigible
      issuerRef:
        name: letsencrypt
        kind: ClusterIssuer
      commonName: "dirigible.<your-custom-domain>"
      dnsNames:
      - "dirigible.<your-custom-domain>"
    ---
    apiVersion: networking.istio.io/v1beta1
    kind: Gateway
    metadata:
      name: dirigible-gateway
    spec:
      selector:
        istio: ingressgateway
      servers:
      - hosts:
        - dirigible.<your-custom-domain>
        port:
          name: http
          number: 80
          protocol: HTTP
        # Initially it should be commented, then uncomment to enforce https!
        # tls:
        #   httpsRedirect: true
        tls:
          httpsRedirect: false
      - hosts:
        - dirigible.<your-custom-domain>
        port:
          name: https-443
          number: 443
          protocol: HTTPS
        tls:
          credentialName: dirigible
          mode: SIMPLE
    ---
    apiVersion: networking.istio.io/v1alpha3
    kind: VirtualService
    metadata:
      name: dirigible
    spec:
      hosts:
      - dirigible.default.svc.cluster.local
      - dirigible.<your-custom-domain>
      gateways:
      - dirigible-gateway
      - mesh
      http:
      - match:
        - uri:
            prefix: /
        route:
        - destination:
            port:
              number: 8080
            host: dirigible.default.svc.cluster.local
    

    Replace Placeholders

    Before deploying, replace the following placeholders:

    • <your-cloud-dns-zone-name> with your Cloud DNS Zone name (e.g. my-zone).
    • <istio-ingress-gateway-ip> with your Istio Ingress Gateway IP (e.g. 32.118.56.186).
    • <your-custom-domain> with your custom domain (e.g. my-company.com).

    To enforce HTTPS, after the initial deployment, update the following fragment:

    # Initially it should be commented, then uncomment to enforce https!
    # tls:
    #   httpsRedirect: true
    

  4. Deploy to the Google Kubernetes Engine Cluster with:

    kubectl apply -f deployment.yml
    
    kubectl apply -f service.yml
    
  5. Open a web browser and go to: https://dirigible.<your-google-kubernetes-engine-domain>