Skip to main content

0. Preparation

Be sure to have all requirements in place before moving on to the next step.

Cluster

Please have a Kubernetes cluster available including sufficient authorization. The cluster must use at least Kubernetes version v1.18.0.

Make sure the default kubectl cluster is set to the correct cluster for the duration of this guide.

Domain names

Make sure you have a domain name ready that can be used to make the Inway publicly available. The Inway, which you will install, will create a load balancer on your Kubernetes cluster. Traffic must be allowed to this load balancer (maybe there are firewall rules?). The domain you want to use for your Inway must point to the IP of this load balancer. In addition, a domain is also required for the Manager. This domain should route traffic to your Kubernetes cluster.

Working directory

While following this installation guide you will be asked several times to download or change files. In this guide, we assume that you save all these files in the same directory and execute the commands from this directory with the terminal.

mkdir your-directory
cd your-directory

Tooling

MacOS users

The default installation of OpenSSL on Mac OS is not suitable for creating V3 CA certificates. Therefore, install v1.1 using brew install openssl@1.1.

Windows users

Install OpenSSL with the following command: choco install OpenSSL.Light

Download base files

Now get the necessary base files using:

curl --location \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/internal-issuer.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/auditlog-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/auditlog-values.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/inway-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/inway-values.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/controller-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/controller-values.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/manager-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/manager-internal-unauthenticated-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/manager-values.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/outway-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/outway-values.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/txlog-api-internal-tls.yaml \
--remote-name https://gitlab.com/commonground/nlx/fsc-nlx/-/raw/main/technical-docs/helm-installation-guide/txlog-api-values.yaml

Check the files are now in your working directory using:

ls

The following files must be available:

auditlog-internal-tls.yaml
controller-internal-tls.yaml
internal-issuer.yaml
inway-internal-tls.yaml
manager-internal-tls.yaml
auditlog-values.yaml
controller-values.yaml
inway-values.yaml
manager-values.yaml
outway-values.yaml
outway-internal-tls.yaml
txlog-api-internal-tls.yaml
txlog-api-values.yaml

Add the CommonGround charts

Add the CommonGround chart repository to your Helm installation:

helm repo add commonground https://charts.commonground.nl

helm repo update