diff --git a/docs/server/source/production-deployment-template/client-tls-certificate.rst b/docs/server/source/production-deployment-template/client-tls-certificate.rst index 5a729836..af2cd767 100644 --- a/docs/server/source/production-deployment-template/client-tls-certificate.rst +++ b/docs/server/source/production-deployment-template/client-tls-certificate.rst @@ -67,7 +67,7 @@ directory and do something like: .. code:: bash - ./easyrsa import-req bdb-instance-0.req bdb-instance-0 + ./easyrsa import-req /path/to/bdb-instance-0.req bdb-instance-0 ./easyrsa sign-req client bdb-instance-0 @@ -84,4 +84,4 @@ private keys. .. code:: bash - cat bdb-instance-0.crt bdb-instance-0.key > bdb-instance-0.pem + cat /path/to/bdb-instance-0.crt /path/to/bdb-instance-0.key > bdb-instance-0.pem diff --git a/docs/server/source/production-deployment-template/log-analytics.rst b/docs/server/source/production-deployment-template/log-analytics.rst index 5354b4e2..2b8cb8b3 100644 --- a/docs/server/source/production-deployment-template/log-analytics.rst +++ b/docs/server/source/production-deployment-template/log-analytics.rst @@ -50,53 +50,53 @@ An example of a simple template file (``--template-file``): .. code-block:: json { - "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "sku": { - "type": "String" - }, - "workspaceName": { - "type": "String" - }, - "solutionType": { - "type": "String" - }, - }, + "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "sku": { + "type": "String" + }, + "workspaceName": { + "type": "String" + }, + "solutionType": { + "type": "String" + }, "resources": [ - { - "apiVersion": "2015-03-20", - "type": "Microsoft.OperationalInsights/workspaces", - "name": "[parameters('workspaceName')]", - "location": "[resourceGroup().location]", - "properties": { - "sku": { - "name": "[parameters('sku')]" - } - }, - "resources": [ - { - "apiVersion": "2015-11-01-preview", - "location": "[resourceGroup().location]", - "name": "[Concat(parameters('solutionType'), '(', parameters('workspaceName'), ')')]", - "type": "Microsoft.OperationsManagement/solutions", - "id": "[Concat(resourceGroup().id, '/providers/Microsoft.OperationsManagement/solutions/', parameters('solutionType'), '(', parameters('workspaceName'), ')')]", - "dependsOn": [ - "[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]" - ], - "properties": { - "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]" - }, - "plan": { - "publisher": "Microsoft", - "product": "[Concat('OMSGallery/', parameters('solutionType'))]", - "name": "[Concat(parameters('solutionType'), '(', parameters('workspaceName'), ')')]", - "promotionCode": "" - } - } - ] - } + { + "apiVersion": "2015-03-20", + "type": "Microsoft.OperationalInsights/workspaces", + "name": "[parameters('workspaceName')]", + "location": "[resourceGroup().location]", + "properties": { + "sku": { + "name": "[parameters('sku')]" + } + }, + "resources": [ + { + "apiVersion": "2015-11-01-preview", + "location": "[resourceGroup().location]", + "name": "[Concat(parameters('solutionType'), '(', parameters('workspaceName'), ')')]", + "type": "Microsoft.OperationsManagement/solutions", + "id": "[Concat(resourceGroup().id, '/providers/Microsoft.OperationsManagement/solutions/', parameters('solutionType'), '(', parameters('workspaceName'), ')')]", + "dependsOn": [ + "[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]" + ], + "properties": { + "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]" + }, + "plan": { + "publisher": "Microsoft", + "product": "[Concat('OMSGallery/', parameters('solutionType'))]", + "name": "[Concat(parameters('solutionType'), '(', parameters('workspaceName'), ')')]", + "promotionCode": "" + } + } + ] + } ] + } } An example of the associated parameter file (``--parameters``): @@ -104,19 +104,19 @@ An example of the associated parameter file (``--parameters``): .. code-block:: json { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "sku": { - "value": "Free" - }, - "workspaceName": { - "value": "work_space" - }, - "solutionType": { - "value": "Containers" - }, + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "sku": { + "value": "Free" + }, + "workspaceName": { + "value": "work_space" + }, + "solutionType": { + "value": "Containers" } + } } Deploy the OMS Agents diff --git a/docs/server/source/production-deployment-template/node-config-map-and-secrets.rst b/docs/server/source/production-deployment-template/node-config-map-and-secrets.rst index 8f3f29cd..ddc9a22c 100644 --- a/docs/server/source/production-deployment-template/node-config-map-and-secrets.rst +++ b/docs/server/source/production-deployment-template/node-config-map-and-secrets.rst @@ -220,10 +220,9 @@ portal using your admin account, click **APIs** and click on **Integration** for the relevant API. Scroll to the bottom of the page and click the small link in the lower right corner, labelled **Download the NGINX Config files**. -You'll get a ``.zip`` file. -Unzip it, then open the ``.conf`` file and the ``.lua`` file. +Unzip it(if it is a ``zip`` file). Open the ``.conf`` and the ``.lua`` file. You should be able to find all the values in those files. -You have to be careful because it will have values for *all* your APIs, +You have to be careful because it will have values for **all** your APIs, and some values vary from API to API. The ``version-header`` is the timestamp in a line that looks like: diff --git a/docs/server/source/production-deployment-template/node-on-kubernetes.rst b/docs/server/source/production-deployment-template/node-on-kubernetes.rst index 80cd1618..3fc6dd8a 100644 --- a/docs/server/source/production-deployment-template/node-on-kubernetes.rst +++ b/docs/server/source/production-deployment-template/node-on-kubernetes.rst @@ -87,6 +87,10 @@ You can connect to your cluster's $ kubectl proxy -p 8001 + or + + $ az acs kubernetes browse -g [Resource Group] -n [Container service instance name] --ssh-key-file /path/to/privateKey + or, if you prefer to be explicit about the context (explained above): .. code:: bash @@ -210,7 +214,7 @@ have the Azure DNS prefix name along with a long random string, without the changes to be applied. To verify the DNS setting is operational, you can run ``nslookup `` from your local Linux shell. +name added in Azure configuration>`` from your local Linux shell. This will ensure that when you scale the replica set later, other MongoDB members in the replica set can reach this instance. @@ -295,7 +299,7 @@ Step 9: Start the NGINX Kubernetes Deployment --------------------------------------------- * NGINX is used as a proxy to OpenResty, BigchainDB and MongoDB instances in - the node. It proxies HTTP/HTTPS requests on the ``clusted-frontend-port`` + the node. It proxies HTTP/HTTPS requests on the ``cluster-frontend-port`` to the corresponding OpenResty or BigchainDB backend, and TCP connections on ``mongodb-frontend-port`` to the MongoDB backend. @@ -346,7 +350,7 @@ Step 9.2: NGINX with HTTPS + 3scale .. code:: bash - $ kubectl --context k8s-bdb-test-cluster-0 apply -f nginx-3scale/nginx-3scale-dep.yaml + $ kubectl --context k8s-bdb-test-cluster-0 apply -f nginx-https/nginx-https-dep.yaml Step 10: Create Kubernetes Storage Classes for MongoDB @@ -854,15 +858,15 @@ To test the NGINX instance with HTTPS and 3scale integration: $ nslookup ngx-https-instance-0 - $ dig +noall +answer _public-secure-cluster-port._.tcp.ngx-https-instance-0.default.svc.cluster.local SRV + $ dig +noall +answer _public-secure-cluster-port._tcp.ngx-https-instance-0.default.svc.cluster.local SRV - $ dig +noall +answer _public-mdb-port._.tcp.ngx-https-instance-0.default.svc.cluster.local SRV + $ dig +noall +answer _public-mdb-port._tcp.ngx-https-instance-0.default.svc.cluster.local SRV - $ dig +noall +answer _public-insecure-cluster-port._.tcp.ngx-https-instance-0.default.svc.cluster.local SRV + $ dig +noall +answer _public-insecure-cluster-port._tcp.ngx-https-instance-0.default.svc.cluster.local SRV - $ wsc -er wss://ngx-https-instance-0/api/v1/streams/valid_transactions + $ wsc -er wss:///api/v1/streams/valid_transactions - $ curl -X GET http://ngx-https-instance-0:27017 + $ curl -X GET https:// The above curl command should result in the response ``It looks like you are trying to access MongoDB over HTTP on the native driver port.`` diff --git a/docs/server/source/production-deployment-template/server-tls-certificate.rst b/docs/server/source/production-deployment-template/server-tls-certificate.rst index eb9dd204..c220daa0 100644 --- a/docs/server/source/production-deployment-template/server-tls-certificate.rst +++ b/docs/server/source/production-deployment-template/server-tls-certificate.rst @@ -68,7 +68,7 @@ directory and do something like: .. code:: bash - ./easyrsa import-req mdb-instance-0.req mdb-instance-0 + ./easyrsa import-req /path/to/mdb-instance-0.req mdb-instance-0 ./easyrsa --subject-alt-name=DNS:localhost,DNS:mdb-instance-0 sign-req server mdb-instance-0 @@ -85,5 +85,5 @@ private keys. .. code:: bash - cat mdb-instance-0.crt mdb-instance-0.key > mdb-instance-0.pem + cat /path/to/mdb-instance-0.crt /path/to/mdb-instance-0.key > mdb-instance-0.pem diff --git a/docs/server/source/production-deployment-template/template-kubernetes-azure.rst b/docs/server/source/production-deployment-template/template-kubernetes-azure.rst index d99596cc..54927f5e 100644 --- a/docs/server/source/production-deployment-template/template-kubernetes-azure.rst +++ b/docs/server/source/production-deployment-template/template-kubernetes-azure.rst @@ -128,14 +128,14 @@ You can SSH to one of the just-deployed Kubernetes "master" nodes .. code:: bash - $ ssh -i ~/.ssh/.pub ubuntu@ + $ ssh -i ~/.ssh/ ubuntu@ where you can get the IP address or hostname of a master node from the Azure Portal. For example: .. code:: bash - $ ssh -i ~/.ssh/mykey123.pub ubuntu@mydnsprefix.westeurope.cloudapp.azure.com + $ ssh -i ~/.ssh/mykey123 ubuntu@mydnsprefix.westeurope.cloudapp.azure.com .. note:: diff --git a/k8s/configuration/config-map.yaml b/k8s/configuration/config-map.yaml index 0fe1bced..99f31088 100644 --- a/k8s/configuration/config-map.yaml +++ b/k8s/configuration/config-map.yaml @@ -49,7 +49,7 @@ data: # Kubernetes cluster. ngx-mdb-instance-name: ".default.svc.cluster.local" - # ngx-openresty-instance-name is the FQDN of the MongoDB instance in this + # ngx-openresty-instance-name is the FQDN of the OpenResty instance in this # Kubernetes cluster. ngx-openresty-instance-name: ".default.svc.cluster.local" @@ -95,6 +95,24 @@ data: # the MongoDB backend. bigchaindb-database-name: "bigchain" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: bdb-config + namespace: default +data: + # Colon-separated list of all *other* nodes' BigchainDB public keys. + bdb-keyring: "<':' separated list of public keys>" + + # BigchainDB instance authentication user name + bdb-user: "" + + # BigchainDB public key of *this* node. + # Generated using bigchaindb_driver in the docs + # Example: "EPQk5i5yYpoUwGVM8VKZRjM8CYxB6j8Lu8i8SG7kGGce" + bdb-public-key: "" + # bigchaindb-backlog-reassign-delay is the number of seconds a transaction # can remain in the backlog before being reassigned. bigchaindb-backlog-reassign-delay: "120" @@ -110,21 +128,4 @@ data: bigchaindb-database-connection-timeout: "5000" # bigchaindb-log-level is the log level used to log to the console. - bigchaindb-log-level: "debug" - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: bdb-config - namespace: default -data: - # Colon-separated list of all *other* nodes' BigchainDB public keys. - bdb-keyring: "<':' separated list of public keys>" - - # BigchainDB instance authentication user name - bdb-user: "" - - # BigchainDB public key of *this* node. - # Example: "EPQk5i5yYpoUwGVM8VKZRjM8CYxB6j8Lu8i8SG7kGGce" - bdb-public-key: "" + bigchaindb-log-level: "debug" \ No newline at end of file diff --git a/k8s/configuration/secret.yaml b/k8s/configuration/secret.yaml index eccaf2b7..f27323e7 100644 --- a/k8s/configuration/secret.yaml +++ b/k8s/configuration/secret.yaml @@ -15,8 +15,9 @@ metadata: type: Opaque data: # Base64-encoded Group ID + # Group ID used by MongoDB deployment group-id: "" - # Base64-encoded Agent API Key + # Base64-encoded MongoDB Agent API Key for the group agent-api-key: "" --- apiVersion: v1 @@ -27,6 +28,7 @@ metadata: type: Opaque data: # Base64-encoded BigchainDB private key of *this* node + # Generated using bigchaindb_driver in the docs private.key: "" --- apiVersion: v1 @@ -80,7 +82,7 @@ data: crlfile: "" # Base64-encoded BigchainDB instance certificate bdb-instance.pem: "" - # Base64-encoded private key + # Base64-encoded private key (.key) bdb-instance.key: "" --- apiVersion: v1 diff --git a/k8s/nginx-https/nginx-https-dep.yaml b/k8s/nginx-https/nginx-https-dep.yaml index 1b4e2010..1ed7408c 100644 --- a/k8s/nginx-https/nginx-https-dep.yaml +++ b/k8s/nginx-https/nginx-https-dep.yaml @@ -59,7 +59,7 @@ spec: valueFrom: configMapKeyRef: name: vars - key: openresty-backend-host + key: openresty-instance-name - name: BIGCHAINDB_BACKEND_HOST valueFrom: configMapKeyRef: