Step 6 - Install and configure prerequisite components
    • PDF

    Step 6 - Install and configure prerequisite components

    • PDF

    Article summary

    Gather Role ARNs

    • If you have role names, please use the commands below to get the role ARNs. If you already have the role ARNs from the roles created in Prerequisites, you can skip this part.

    Note: ensure that you update the <prefix> in the the commands before running them. 

    external_secrets_iam_role_arn=$(aws iam get-role --role-name role-cdrp-ext-secrets-<prefix> --profile <profile> --query 'Role.Arn')
    echo "external_secrets_iam_role_arn=${external_secrets_iam_role_arn}"
    efs_iam_role_arn=$(aws iam get-role --role-name role-cdrp-efs-csi-<prefix> --profile <profile> --query 'Role.Arn')
    echo "external_secrets_iam_role_arn=${efs_iam_role_arn}"

    Now that you have access to the Helm charts, they can be deployed.

    Install Prerequisite Components

    • Replace <external_secrets_iam_role_arn> with with the ARN value of the role that has access to secret manager and <region> with Secrets Manager region
    • Replace <region> with the EKS region and <efs_iam_role_arn> with the ARN value of the role that has access to secret manager
    • Then run the following commands. 
    # Install rabbitMQ cluster operator
    ```sh
    helm upgrade --install rabbitmq-cluster-operator bitnami/rabbitmq-cluster-operator \
      --atomic \
      --version 4.3.23 \
      --set msgTopologyOperator.fullnameOverride=rabbitmq-messaging-topology-operator \
      --set clusterOperator.image.tag=2.10.0-debian-12-r1 \
      --set msgTopologyOperator.image.tag=1.14.2-debian-12-r5 \
      --set credentialUpdaterImage.tag=1.0.4-debian-12-r27 \
      --set rabbitmqImage.tag=3.13.7-debian-12-r4 \
      --set clusterOperator.watchAllNamespaces=false \
      --set clusterOperator.watchNamespaces={cdrplatform} \
      --set msgTopologyOperator.watchAllNamespaces=false \
      --set msgTopologyOperator.watchNamespaces={cdrplatform} \
      --set clusterOperator.resources.requests.cpu=100m \
      --set clusterOperator.resources.requests.memory=256Mi \
      --set clusterOperator.resources.limits.cpu=100m \
      --set clusterOperator.resources.limits.memory=256Mi \
      --set msgTopologyOperator.resources.requests.cpu=100m \
      --set msgTopologyOperator.resources.requests.memory=256Mi \
      --set msgTopologyOperator.resources.limits.cpu=100m \
      --set msgTopologyOperator.resources.limits.memory=256Mi
    
    # Install keda
    helm upgrade --install keda kedacore/keda -n cdrplatform --atomic \
      --create-namespace \
      --version 2.15.1
    
    # Install nginx ingress controller
    helm upgrade --install nginx-ingress ingress-nginx/ingress-nginx -n cdrplatform --atomic --create-namespace \
      --version 4.11.2
    
    # Install External Secrets
    helm upgrade --install external-secrets external-secrets/external-secrets -n cdrplatform --atomic --create-namespace \
      --version 0.10.4 \
      --set installCRDs=true
    
    # Replace <external_secrets_iam_role_arn> with with the ARN value of the role that has access to secret manager and <region> with Secrets Manager region
    helm upgrade --install cdrplatform-external-secrets -n cdrplatform cdrplatform-external-secrets --atomic --create-namespace \
      --set cloud_providers.aws.enabled=true \
      --set cloud_providers.aws.secretsManager.iam_role="<external_secrets_iam_role_arn>" \
      --set cloud_providers.aws.secretsManager.region="<region>"
    
    # Replace <region> with the EKS region and <efs_iam_role_arn> with the ARN value of the role that has access to secret manager
    
    helm upgrade -i aws-efs-csi-driver aws-efs-csi-driver/aws-efs-csi-driver \
      --namespace cdrplatform \
      --set image.repository=602401143452.dkr.ecr.<region>.amazonaws.com/eks/aws-efs-csi-driver \
      --set controller.serviceAccount.create=true \
      --set controller.serviceAccount.name=sa-efs-csi-controller \
      --set controller.serviceAccount.annotations."eks\.amazonaws\.com/role-arn"="<efs_iam_role_arn>"

    Note: when upgrading the `rabbitmq-cluster-operator` helm chart CRDs will not be installed. If new CRDs are introduced in the new releases, the CRDs needs to be installed manually to avoid issues with running the rabbitmq cluster operator pods.

    helm pull bitnami/rabbitmq-cluster-operator --untar
    kubectl apply -f rabbitmq-cluster-operator/crds/

    Install Supporting Components

    • Run the following commands:
    helm upgrade --install cdrplatform-rabbitmq -n cdrplatform cdrplatform-rabbitmq \
      --set image.repository=glasswallhub.azurecr.io/cdrplatform-rabbitmq \
      --set image.tag=77417 \
      --set cloud_provider=aws --atomic
    
    # Replace <file_system_id> and <efs_iam_role_arn> with values
    helm upgrade --install cdrplatform-storage -n cdrplatform cdrplatform-storage --set cloud_provider=aws --set aws.efs.file_system_id=<file_system_id> \
        --set aws.efs.role_arn=<efs_iam_role_arn>


     


    Was this article helpful?