search string side menu

ELMA365 On-Premises > ELMA365 On-Premises Enterprise / Install ELMA365 Enterprise

Install ELMA365 Enterprise

ELMA365 On-Premises is installed in a Kubernetes cluster. It uses PostgreSQL, MongoDB, RabbitMQ, Redis databases, and an S3 (MinIO) storage. For more details, refer to the Architecture article.

 

The installation consists of five steps:

  1. Prepare infrastructure (optional).
  2. Download the helm chart and the configuration file.
  3. Fill out the configuration file.
  4. Install ELMA365 using helm in a Kubernetes cluster.
  5. Install add-ons for ELMA365 (optional).

Before starting the installation, read the system requirements of ELMA365 On-Premises Enterprise.

 

Step 1: Prepare infrastructure (optional)

By infrastructure we mean the necessary components for the operation of the ELMA365 On-Premises application.

начало внимание

It is assumed that the dependent components should be deployed by the client independently. All work related to organizing a high-availability local architecture and setting up the high availability of dependent components is also done by the client.

конец внимание

Components necessary for ELMA365 On-Premises operation:

  • Kubernetes cluster;
  • PostgreSQL;
  • MongoDB;
  • RabbitMQ;
  • Redis;
  • S3 (MinIO).

In this article, databases and the S3 storage are installed in the Kubernetes cluster and use standard connection strings and passwords.

Requirements for component configuration

Kubernetes configuration requirements

The installed version of the Kubernetes cluster should support Kubernetes API v.2 (Kubernetes version 1.19 - 1.26) and contain the following components: ingress-nginx controller, coredns, rbac, storageclass.

The installation is done using Helm v.3.

Proxying from pods to the external network should be allowed.

If you need to deploy a Kubernetes cluster, refer to the articles in the Kubernetes section.

 

Data storage

You can use your existing databases and S3 storage as components for ELMA365 On-Premises. There is also an option to combine your components with those deployed using the elma365-dbs or elma365-stack charts. In the next installation steps, you will need to specify the connection strings to the databases and the S3 storage.

If there's a need to deploy all or just the missing components, refer to the articles in the Databases section.

 

High availability

To ensure continuous operation of ELMA365 on Bare-metal servers, it is necessary to build a high-availability Kubernetes cluster and ensure the operation of the used databases and S3 storage.

 

Offline installation (Air-gap)

You can install ELMA365 in a closed-loop environment without direct access to the external container image storage. For this, on a computer with internet access, you need to download the ELMA365 application images and import them into a local image repository.

You can skip this section if the component configuration requirements are met and there's no need to deploy components necessary for the operation of ELMA365 On-Premises.

 

Step 2: Download the helm chart and configuration file

Obtain the configuration file values-elma365.yaml for installation via the internet by executing the following command:

helm repo add elma365 https://charts.elma365.tech
helm repo update
helm show values elma365/elma365 > values-elma365.yaml

Obtaining the configuration file for installation in a closed loop without internet access

  1. On a computer with internet access, download the ELMA365 images and upload them to the local image registry.
  2. Download the archive of the latest version of the ELMA365 On-Premises chart from the elma365 repository by executing the following command:

helm repo add elma365 https://charts.elma365.tech
helm repo update
helm pull elma365/elma365

  1. Copy the received chart archive elma365-X.Y.Z.tgz to the server where the installation will take place.
  2. Unpack the obtained chart on the server and copy the default configuration file values.yaml to values-elma365.yaml. To do this, run the following command:

tar -xf elma365-X.Y.Z.tgz
cp elma365/values.yaml values-elma365.yaml

Step 3: Fill out the configuration file

For a quick start of the app, fill out the main parameters:

  • global.host — domain (FQDN) or IP address by which the system will be accessible;
  • bootstrapCompany.email — administrator's email;
  • bootstrapCompany.password — administrator's password;
  • db.psqlUrl — connection string to the PostgreSQL DB;
  • db.mongoUrl — connection string to the MongoDB for the app;
  • db.vahterMongoUrl — connection string to the MongoDB for the authorization server;
  • db.redisUrl — connection string to Redis;
  • db.amqpUrl — connection string to RabbitMQ;
  • db.s3.method — request method to S3;
  • db.s3.accesskeyid — S3 username;
  • db.s3.secretaccesskey — password for the S3 user;
  • db.s3.bucket — S3 bucket;
  • db.s3.backend.address — S3 address;
  • db.s3.backend.region — S3 region;
  • db.s3.ssl.enabled — enabling S3 SSL.

Fill in the variables in the values-elma365.yaml file by performing the following actions:

  1. Set the FQDN domain or IP address through which the system will be accessible in the global.host parameter.

In the article Preparing Built-In Databases, on Step 1, you should have prepared an S3 MinIO storage, which is accessible via the FQDN domain elma365_server.your_domain. When using the built-in S3 storage accessible by the FQDN, ELMA365 should be accessible under the same domain name. To do this, in global.host specify elma365_server.your_domain and enable the ingress binding to the domain elma365_server.your_domain. To do this, set the value true for the ingress.hostEnabled parameter.

global:
  ## domain (FQDN) or IP address where the system will be available
  host: 'elma365_server.your_domain'
  ingress:
    hostEnabled: true

  1. Complete the company creation parameters in the bootstrapCompany section. The company will be created during the ELMA365 installation.
  2. Set the administrator's email address in the bootstrapCompany.email parameter. This address will serve as the login for the main administrator.

The main administrator's login cannot be changed after the system installation.

  1. Indicate, according to your security policy, the password for the main administrator's login in the bootstrapCompany.password parameter.
  2. Set the company language in the bootstrapCompany.locale parameter, for example, en-US:

bootstrapCompany:
  ## Admin email
  email: "admin@mail.com"
  ## Admin password
  password: "test"
  ## Installed system language, possible options: "ru-RU", "en-US", "sk-SK"
  locale: "en-US"

  1. Set the installed system language in the language.default parameter, for example, en-US:

language:
  ## Installed system language, possible options: "ru-RU", "en-US", "sk-SK"
  default: "en-US"

  1. Fill in the connection strings for the PostgreSQL, MongoDB, RabbitMQ, Redis databases. To do this, you need to fill in the following parameters: db.psqlUrl, db.mongoUrl,

db:
 ## Connection string for Postgres DB, format:
postgresql://user:password@hostname:5432/databaseName
 psqlUrl: 'postgres://postgres:pgpassword@postgres.elma365-dbs.svc.cluster.local:5432/elma365?sslmode=disable'
 ## Connection string for read-only Postgres DB, format:
postgresql://user:password@hostname:5432/databaseName
 roPsqlUrl: ''
 ## Connection string for the MongoDB for the application, format:
mongodb://user:password@hostname:27017/databaseName
 mongoUrl: 'mongodb://elma365:mongopassword@mongo.elma365-dbs.svc.cluster.local:27017/elma365?ssl=false&replicaSet=rs0&readPreference=secondaryPreferred'
 ## Connection string for MongoDB for the authorization server, format:
mongodb://user:password@hostname:27017/databaseName
 vahterMongoUrl: 'mongodb://elma365:mongopassword@mongo.elma365-dbs.svc.cluster.local:27017/elma365?ssl=false&replicaSet=rs0&readPreference=secondaryPreferred'
 ## Connection string for Redis, format:
redis://user:password@redis.local:6379/databaseName
 redisUrl: 'redis://redis.elma365-dbs.svc.cluster.local:6379/0'
 ## Connection string for Rabbit, format:
amqp://user:password@hostname:5672/vhost
 amqpUrl: 'amqp://elma365:rmqpassword@rabbitmq.elma365-dbs.svc.cluster.local:5672/elma365'

  1. Fill in the parameters for connecting to the S3 file storage:
  • db.s3.method — S3 request method;
  • db.s3.accesskeyid — S3 username;
  • db.s3.secretaccesskey — password for the S3 user;
  • db.s3.secretaccdb.s3.bucket — S3 bucket;
  • db.s3.backend.address — S3 address;
  • db.s3.backend.region — S3 region;
  • db.s3.ssl.enabled — enable S3 SSL.

db:
 s3:
   method: PUT
   accesskeyid: PZSF73JG72Ksd955JKU1HIA
   secretaccesskey: aFDkj28Jbs2JKbnvJH678MNwiz88zKjsuNBHHs
   bucket: s3elma365
   backend:
     address: elma365_server.your_domain
     region: us-east-1
   ssl:
     enabled: "false"

 

Filling in the connection parameters to a private registry for installation in a closed-loop without internet access

To connect to a private registry in a closed loop, do the following:

  • Set the address and path in the global.image.repository parameter.
  • Indicate the name of the secret with access rights to the private registry in the global.image.pullSecret parameter. The private registry should be manually created and encrypted in Base64 global:

 ## address and path for private registry
 image:
   repository: registry.example.com/images/elma365
   ## secret with access permissions for the private registry must be created manually, 
   encoded in Base64 
   pullSecret:
     - name: myRegistryKeySecretName

 

 

Where format of repository is:

registry.example.com — address;

/images/elma365 — path.

 

The configuration file values-elma365.yaml contains a large number of parameters for the ELMA365 On-Premises application.

Step 4: Install ELMA365 using helm in the Kubernetes cluster

  1. Install  ELMA365 Enterprise using the configuration file values-elma365.yaml. If you need to install the application in a separate namespace, specify it in the installation command:

helm upgrade --install elma365 elma365/elma365 \
-f values-elma365.yaml \
--timeout=30m --wait [-n namespace]

To install the ELMA365 Enterprise application in an isolated environment without internet access, run the following command:

helm upgrade --install elma365 ./elma365 \
-f values-elma365.yaml \
--timeout=30m --wait [-n namespace]

The installation time for the ELMA365 Enterprise application takes 10-30 minutes. Wait for the update of the ELMA365 Enterprise application parameters.

  1. Open a browser and navigate to the ELMA365 Enterprise login page at http://global.host. The global.host parameter was specified in the values-elma365.yaml configuration file in the step of downloading the helm chart and configuration file.

In the given example, the following login page address for the ELMA365 Enterprise application is used: http://example.com

  1. Use the administrator's email address as the login and the password you used in the values-elma365.yaml configuration file for the parameters bootstrapCompany.email and bootstrapCompany.password.

In the given example, the following are used:

  • Login — admin@mail.com;
  • Password — test.

Click the Login to the system button.

  1. The ELMA365 system activation window will open.
  2. Fill out the form, tick the box at the bottom of the form to agree to the terms of the user agreement and the privacy policy.

 

  1. Click the Try 2 weeks free button.

Then, the ELMA365 application window will open.

signin1

The installation of the ELMA365 Enterprise edition application has been successfully completed.

начало внимание

Save the values-elma365.yaml configuration file for future updates.

конец внимание

 

Step 5: Install add-ons for the ELMA365 application (optional)

Under add-ons for the ELMA365 application, components are understood that extend the functional and infrastructure capabilities of the ELMA365 application, which include:

  • Linkerd routing system (Service Mesh);
  • Prometheus + Grafana monitoring system;
  • Descheduler;
  • NodeLocal DNSCache;
  • Kyverno;
  • KEDA;
  • The Security Audit module.

Add-ons are installed as needed, considering the existing infrastructure

elma365-enterprise.html change-settings-enterprise.html

Found a typo? Highlight the text, press ctrl + enter and notify us