Prerequisites
    • PDF

    Prerequisites

    • PDF

    Article summary

    Before you begin the process of deploying Glasswall Halo, ensure that you have the following tools and resources installed and setup.

    Required Tools

    • Helm
    • Kubectl
    • Google Cloud CLI
      • Windows OS:
        • Map .bashrc for the Google Cloud SDK with:
          Shell
          export PATH="/usr/lib/google-cloud-sdk/bin:$PATH"
      • MAC OS:
        • Map .zprofile for the Google Cloud SDK with:
          Shell
          export PATH=$PATH:/Users/<user-name>/google-cloud-sdk/bin

    Note: for help using the Google Cloud CLI or troubleshooting, please refer to the GKE Documentation.

    Required Google Resources

    1. GKE Instance

    • Recommended total of at least 8 vCPU and 32 GB RAM.
    • Minimum node size is 4 vCPU and 16 GB RAM.
    • For production workloads a minimum of 2 nodes is recommended.
    • Recommended GKE Cluster Release Channel and version: Stable Release Channel v1.27.13-gke.1070002
    • Enable the Filestore CSI driver cluster feature on your GKE Cluster.
      • This allows cluster storage to utilize the GKE Filestore CSI driver.
    • In the steps below, the GKE cluster is referred to as: gkename


    Note: Glasswall Halo does not support ARM64 node VMs.

    For guidance on creating an GKE cluster please refer to:

    2. Enable API Services

    Required Google Cloud APIs that are required (enabled) for setting up and managing a GKE cluster 

    • Google Kubernetes Engine API
    • Compute Engine API
    • Cloud Resource Manager API
    • IAM Service Account Credentials API
    • Cloud DNS API
    • Cloud Storage API
    • Cloud Filestore API
    • Identity and Access Management (IAM) API
    • Secret Manager API
    • Service Networking API

    3. Cloud Storage bucket

    • Create a Cloud Storage bucket via the GCP Console
      • This is used to store reports for each file processed by the platform. The SKU of the storage account does not impact performance, but we recommend at least GRS configuration.
    • An additional storage bucket is used as Google File Share backing the cluster's Persistent Volume. This is added to the GKE cluster's GCP Project automatically during the deployment.
    • In the steps below, the Cloud Storage bucket that collects the Halo reports is referred to as: saname.

    4. MongoDB Database

    MongoDB is used to store the Glasswall Halo's content management policies, tally accumulator data, and data for asynchronous file processing and metrics.

    MongoDB is deployed directly inside of your cluster, via the use of MongoDB Helm charts, as seen in Step 8.

    Note: the steps below assume each resource is in the same GCP Project referred to as: project_id.

    5. Access to Glasswall Artifact Registry

    • You are provided with a Token & Token ID to access Glasswall's Artifact Registry.
    • This allows you to directly pull container images and Helm charts from your GKE cluster.
    • In the steps below, the Token and Token ID will be referred to as: token and token_ID.

    6. Assigning Variables

    Variables assigned before you begin

    The variables mentioned in Required Tools above can be assigned before you can begin the Glasswall Halo installation. 

    Note: you'll need to replace **"..."** with your own values.

    • Google GCP Project ID: project_ID="..."
    • Google Kubernetes Cluster name: GKEname="..."
    • Google Cloud Storage Bucket name: saname="..."
    • Google Container Registry Token ID: token_ID="..."
    • Google Container Registry Token: token="..."


     


    Was this article helpful?