Bring Your Own Kubernetes (BYOK8s) Installation#
Data Science & AI Workbench can be installed on a wide variety of CNCF-compliant Kubernetes cluster. Installation is performed using the industry standard Helm package manager. Successful deployment requires the expertise of your in-house Kubernetes administrators to validate our requirements and provision the necessary compute, storage, and networking resources.
After you have verified that your environment is prepared for installation by completing the pre-installation checklist, you are ready to install the cluster!
Perform the following actions from your established administration server.
Installation is largely performed in the custom namespace. Modify the default
kubectl
context to point to the new namespace by running the following command:# Replace <NAMESPACE> with the namespace that you reserved for Workbench kubectl config set-context --current --namespace=<NAMESPACE>
The remainder of these instructions assume this change has been made.
Open and unpack the Helm chart archive provided by Anaconda, and
cd
into the root directory of this archive.Note
The archive root directory contains the following items of importance:
The
Anaconda-Enterprise/
directory. This contains your helm chart.The
values.yaml
override file. Edit this file to include custom configurations for the application.A version of these instructions labeled as
INSTALL.{md,pdf}
.
If you need a pull secret to access the Docker registry, create it now, then verify the presence of the pull secret by running the following command:
# Replace <PULL_SECRET_NAME> with the name for your pull secret kubectl describe secret <PULL_SECRET_NAME>
Using your preferred text editor, open the
values.yaml
override file. Add or modify necessary values to this file. At minimum, you must provide the following:values.yaml
override file configurationsNote
View the
values.yaml
override file here.Configuration
Description
hostname
The fully qualified domain name (FQDN) of the host.
serviceAccountName
The name of the service account with the necessary permissions to install and run the platform.
uid
The UID under which the containers will be run.
storage.pvc
The name of the persistent volume for the
anaconda-storage
function.persistence.pvc
The name of the persistent volume for the
anaconda-persistence
function.image.server
The address of the Docker image registry
image.pullSecrets
Information about any pull secrets required to authenticate to the Docker registry:
An empty value indicates that no pull secret is required
A string containing the name of a single secret
A list of strings, with one secret name per entry
dnsServer
(OpenShift Only) The FQDN of the internal cluster DNS server. Uncomment the line provided in the file for this.
ingress.className
The name of the
IngressClass
resource used by your ingress controller. If you are installing the Anaconda-supplied ingress, no modification is necessary for this configuration.(If necessary) keycloak.truststore
The path to your LDAPS truststore (e.g.
/etc/secrets/certs/ldaps.jks
).(If necessary) keycloak.truststore_password
The LDAPS truststore password
(If necessary) keycloak.truststore_secret
The name of the secret you created containing the truststore
Start your installation by running the following command:
helm install --values ./values.yaml anaconda-enterprise ./Anaconda-Enterprise/
Caution
The current version of Workbench requires the release name
anaconda-enterprise
. Do not change this value.Monitor the progress of your installation by running the following command:
watch kubectl get pods
Wait for all of the pods to get to the
Running
orCompleted
state.Tip
Installation can take several minutes depending on the performance characteristics of your system. If a particular pod is behaving in an unexpected manner, you can investigate the cause using commands such as:
# Replace <POD_NAME> with the name of the pod kubectl logs <POD_NAME> kubectl describe pod <POD_NAME>
If you chose to install the Anaconda-supplied ingress, you must now need to determine its assigned IP address, and create your DNS records for the cluster. To determine this address, run the command:
kubectl get svc anaconda-enterprise-nginx.ingress
Note
The IP address is provided in the
External IP
column. Create your DNS records for your FQDN and for its wildcard. For example,anaconda.example.com
and*.anaconda.example.com
.Once these DNS changes have propagated, you can proceed to the next step.
Open a web browser and navigate to your instance of Workbench.
Note
Your browser may initially refuse to connect due to the use of our generated, self-signed SSL certificates. You should temporarily permit your browser to proceed anyway. You will also have to do the same every time you start a new session or deployment, so it is best to comlpete the next step as soon as possible.
-
Note
If you are installing the Anaconda-supplied ingress, you can expect it to enter a
CrashLoopBackoff
state until the SSL certificate generation task has completed. This is expected behavior. Once the preliminary certificates are generated, the next automatic restart of the ingress should proceed without incident.
Basic installation of Workbench is now complete! You can now perform any additional post-installation steps necessary.