Deploy a Groundplex on Kubernetes
Overview
SnapLogic supports Kubernetes orchestration on your Groundplex instances. You can deploy Snaplex nodes in your Kubernetes environment by creating a Helm Chart that defines the node configuration for discoverability within the Kubernetes environment. This article explains how you can deploy and configure SnapLogic Snaplex nodes in a Kubernetes environment and contains an attached Helm Chart that you can use.
Workflow
- Download the Snaplex configuration file
- Run the Snaplex Service
- Deploy Helm chart
- Deploy a Load Balancer
- You must be an Environment admin.
- You are familiar with the SnapLogic Snaplex installation process.
Download the configuration file from Admin Manager
- In Admin Manager, navigate to your target Groundplex instance and select it to display the Snaplex screen.
- In the Downloads tab, click to copy the Configuration link. Paste this link into your Helm chart.
- Click Cancel to exit the screen.
- Since the configuration link has an expiration, to ensure that the Kubernetes control plane continues to run:
- Delete all query string parameters from the configuration link URL. In the following example URL, delete everything from the question mark (?) to the end: https://elastic.snaplogic.com/api/1/rest/plex/config/PlatformQA/shared/Ground_Triggered?expires=1613086219&[email protected]_sl_authproxy_key=1BN...
- Set the parameter
snaplogic_secret
in the Helm chart YAML file to the name of the Kubernetes secret you create, as described in the Deploying the Helm Chart section.
Run the Snaplex with Org credentials
You can associate Environment admin credentials with the SnapLogic secret created when enabling Enhanced encryption. Doing so makes it easier to share the Snaplex service with the users in your Org. Both the credentials for the SnapLogic Environment admin and the Enhanced encryption secret are in JSON format as key/value pairs.
- Generate a key and encode it for each value. We recommend you use base64 to encode the values.
- To create the SnapLogic secret:
- Create the YAML file with the following two keys, username and password as shown in the example YAML file below:
Example YAML file:
apiVersion: v1 kind: Secret metadata: name: mysecret type: Opaque data: username: base64 username password: base64 password
Tip: Run the following command to encode your username/password into the text of the secret:$ echo -n "snaplogic_username_or_password" | base64
Important: If your password includes any of the following characters, you must escape the character with a backslash (\) in the string that you pass to the encoder:\ (backslash) $ (dollar sign) ' (apostrophe or single-quote) ` (backtick) " (double-quotes) & (ampersand) | (pipe symbol) ; (semicolon) ! (exclamation mark) For example, if your password is mypa$$word, pass the string mypa\$\$word to the Base64 encoder.
- Run the following command:
$ kubectl apply -f snaplogic_secret.yaml
- Create the YAML file with the following two keys, username and password as shown in the example YAML file below:
Example YAML file:
- (Optional) If Enhanced Encryption is enabled for your Org, create the Enhanced Encryption secret by running the following commands:
$ kubectl create secret generic enhanced-encryption-secret --from-file=keystore_jks --from-file=keystore_pass
$ kubectl apply -f enhanced_encryption_secret.yaml
- After the secret is created, delete the YAML file, as it is no longer needed.
Important: Refer to the Kubernetes documentation regarding the management of the secret.You can now deploy the Helm Chart
Deploying the Helm Chart
- values.yaml - This file is the Helm chart.
- templates folder - Boilerplate charts based on parameters.
- Chart.yaml - This file contains metadata about the artifact repository.
The following list describes each field parameter in the values.yaml
file
Field | Description |
---|---|
Regular nodes count | Specifies the number of JCC Nodes to deploy. |
FeedMaster nodes count | Specifies the number of FeedMaster nodes to deploy. |
Docker image of SnapLogic Snaplex image | Specifies the repository where the image resides and the tag indicating the version of the image. While you can specify a version of your Snaplex, we recommend that you enter the latest version for the most recently released SnapLogic build. |
SnapLogic configuration link | Specifies the link to the SnapLogic JCC configuration file (also known as .slpropz). |
SnapLogic Org admin credential | Specifies the secret (an encoded username and password) to authenticate the deployment. |
Enhanced encryption secret | Specifies the secret (an additional encoded username and password) to authenticate the deployment, available to the user only. |
CPU and memory limits for the nodes | Specifies the upper limits and requests for the CPU and memory resources. You can set these values for upper limits only; the lower limits are system-defined and cannot be modified.. |
Default file ulimit and process ulimit | Specifies the number of possible open file descriptors and processes in a node CPU. |
Probes | Monitors the SnapLogic app. |
Autoscaling | Sets autoscaling properties. Enabled to false by default. Contact your CSM for SnapLogic recommendations for this setting. |
Termination Grace Period Seconds | The time to shut down a node gracefully before it gets terminated. |
IPv6 | Enabled to false by default. You can enable IPv6 for your connections if your infrastructure supports it. |
# Default values for snaplogic-snaplex.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# Regular nodes count
jccCount: 1
# Feedmaster nodes count
feedmasterCount: 1
# Docker image of SnapLogic snaplex
image:
repository: snaplogic/snaplex
tag: latest
# SnapLogic configuration link
snaplogic_config_link:
# SnapLogic Org admin credential
#snaplogic_secret:
# Enhanced encryption secret
#enhanced_encrypt_secret:
# CPU and memory limits/requests for the nodes
limits:
memory: 8Gi
cpu: 2000m
requests:
memory: 8Gi
cpu: 2000m
# Default file ulimit and process ulimit
sl_file_ulimit: 8192
sl_process_ulimit: 4096
# Enable/disable startup, liveness and readiness probes
probes:
enabled: true
# JCC HPA
autoscaling:
enabled: false
minReplicas:
maxReplicas:
# Average count of Snaplex queued pipelines (e.g. targetPlexQueueSize: 5), leave empty to disable
# To enable this metric, Prometheus and Prometheus-Adapter are required to install.
targetPlexQueueSize:
# Average CPU utilization (e.g. targetAvgCPUUtilization: 50 means 50%), leave empty to disable.
# To enable this metric, Kubernetes Metrics Server is required to install.
targetAvgCPUUtilization:
# Average memory utilization (e.g. targetAvgMemoryUtilization: 50 means 50%), leave empty to disable.
# To enable this metric, Kubernetes Metrics Server is required to install.
targetAvgMemoryUtilization:
# window to consider waiting while scaling up. default is 0s if empty.
scaleUpStabilizationWindowSeconds:
# window to consider waiting while scaling down. default is 300s if empty.
scaleDownStabilizationWindowSeconds:
# grace period seconds after JCC termination signal before force shutdown, default is 30s if empty.
terminationGracePeriodSeconds: 900
# Enable IPv6 service for DNS routing to Control plan
enableIPv6: false
- Configure the following parameters in the Helm chart and name the file
values.yaml
. - In the Helm chart console, run the following command:
$ helm install --name snaplogic helm_chart_folder
where helm_chart_folder is the Helm Chart ZIP file, which you can download from this document
. - Run the Helm list command to determine the status of the deployment.
The following sample output shows a successful deployment:
Warning: If you deploy the Snaplex JCC nodes but resources in the Kubernetes environment are not available to fulfill the Helm Chart, then your deployment goes into a pending state until sufficient resources are available. - The following sample output shows the pending status of resources:
Once you deploy your Helm chart, you can deploy a load balancer.
Configure IPv6
- In the values.yaml file of the Helm chart, set the value
enableIPv6: true
. - Set the global property for the
jcc.k8s_subdomain_service
in this format -- Helm Release Name -snaplogic-snaplex-ipv6.
Deploying a Load Balancer
To add load balancers to your JCC and FeedMaster nodes:
- In the Helm console, run the Helm list command to list the services.
- In SnapLogic Admin Manager, navigate to the Snaplexes and select the target Snaplex. The Update Snaplex screen is displayed.
- On the Settings tab, specify the corresponding values in the following fields:
- Load balancer: Specify the protocol and port number of the Snaplex JCC node. Refer PORT(s) associated with snaplogic-snaplex-regular.
- Ultra load balancer: Specify the protocol and port number of the FeedMaster node. Refer to PORT(s) associated with snaplogic-snaplex-feed.
- Review the information and click Save. Once the Snaplex and FeedMaster nodes are deployed, you can start designing and running pipelines and Tasks.
Best Practices
- Avoid running processes on the same control plane as the JCC node, so that the JCC has the maximum amount of memory available on that control plane.
- Do not overwrite the global.properties file unless working with your CSM to customize your Groundplex.
- Request resources upfront. Do this by setting the control plane’s request and limit to the same value, as shown in the image below:
Downloads
Download and extract the following files, using the values.yaml
file as the basis for your Helm Chart.