Deploying to LKE

It's happening!

Now that the environment is setup on Linode, we need to create the Hydrolix configuration hydrolix.yaml:

---
apiVersion: hydrolix.io/v1
kind: HydrolixCluster
metadata:
  name: <Please provide your namespace>
spec:
  admin_email: <Please provide your email>
  db_bucket_url: https://bucket.region.linodeobjects.com <replace with your bucket URL>
  hydrolix_url: https://hostname.company.net <replace with your comany hostname for Hydrolix>
  catalog_db_admin_user: linpostgres
  catalog_db_admin_db: postgres
  catalog_db_host: lin-yyyyy-xxxx-pgsql-primary-private.servers.linodedb.net <replace with your private network host created before>
  pg_ssl_mode: require
  env:
    AWS_ACCESS_KEY_ID: <Please provide the AWS_ACCESS_KEY_ID created earlier>
  ip_allowlist: <This allow the cluster to be fully accessible, you can restrict to your IP>
    - 0.0.0.0/0
  scale_profile: dev <You can change the scale_profile to whatever fits your needs>
  scale:
    postgres:
      replicas: 0

We also need a secret.yaml which contains our AWS Secret Key:

---
apiVersion: v1
kind: Secret
metadata:
  name: curated
  namespace: <Please provide your namespace>
stringData:
  AWS_SECRET_ACCESS_KEY: <Please provide the AWS_SECRET_ACCESS_KEY created earlier>
  ROOT_DB_PASSWORD: <Please provide your postgres password created earlier>
type: Opaque

And finally we need to use the kustomization.yaml to apply:

---
namespace: <Please provide your namespace>

resources:
  - https://hdx-public.s3.amazonaws.com/operator/operator-v3.24.0.yaml
  - secret.yaml
  - hydrolix.yaml

After all those files are created you can deploy Hydrolix by using the following command:

kubectl apply -k .

This needs to be run from the folder containing the different yaml files created earlier.

Enable autoscaling

Once your Hydrolix cluster is deployed you can enable autoscaling by downloading and applying the following yaml:

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
- apiGroups:
  - metrics.k8s.io
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - nodes/metrics
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --secure-port=4443
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        - --kubelet-insecure-tls=true
        - --metric-resolution=15s
        image: k8s.gcr.io/metrics-server/metrics-server:v0.6.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /livez
            port: https
            scheme: HTTPS
          periodSeconds: 10
        name: metrics-server
        ports:
        - containerPort: 4443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: https
            scheme: HTTPS
          initialDelaySeconds: 20
          periodSeconds: 10
        resources:
          requests:
            cpu: 100m
            memory: 200Mi
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        volumeMounts:
        - mountPath: /tmp
          name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
      - emptyDir: {}
        name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

Once you have downloaded the file you can apply it using:

kubectl apply -f autoscale.yaml