Install via Add-Ons
This page provides an overview of Cluster Add-Ons for KubeRocketCI, including their purpose, benefits, and usage.
What Are Add-Ons​
KubeRocketCI Add-Ons is essentially a Kubernetes-based deployment pattern that allows users to easily install additional components for the platform using Argo CD applications.
Add-Ons have been introduced into KubeRocketCI starting from version 3.4.0. They empower users to seamlessly integrate the platform with various additional components, such as SonarQube, Nexus, Keycloak, Jira, and more. This eliminates the need for manual installations, as described in the Install KubeRocketCI page.
In a nutshell, Add-Ons are separate Helm Charts that can be installed with just one click using the Argo CD tool.
Add-Ons Repository Structure​
All the Add-Ons for KubeRocketCI are stored in our GitHub repository following the GitOps approach. In addition to default Helm and Git files, the repository contains custom resources called Applications for Argo CD and application source code. The repository adheres to the GitOps approach, allowing for easy rollback of changes when necessary. The structure of the repository is as follows:
├── CHANGELOG.md
├── LICENSE
├── Makefile
├── README.md
├── add-ons
└── chart
-
add-ons - the directory that contains Helm charts of the applications that can be integrated with KubeRocketCI using Add-Ons.
-
chart - the directory that contains Helm charts with application templates that will be used to create custom resources called Applications for Argo CD.
Enable KubeRocketCI Add-Ons​
To enable Add-Ons, it is necessary to have the configured Argo CD, and connect and synchronize the forked repository. To do this, follow the guidelines below:
-
Fork the Add-Ons repository to your personal account.
-
Provide the parameter values for the values.yaml files of the desired Add-Ons you are going to install.
-
Navigate to Argo CD -> Settings -> Repositories. Connect your forked repository where you have the values.yaml files changed by clicking the + CONNECT REPO button:
-
In the appeared window, fill in the following fields and click the CONNECT button:
- Choose your connection method -
VIA SSH; - Name -
addons-demo(optional); - Project - select project;
- Repository URL - enter the
ssh URLof your forked repository (git@github.com:example/edp-cluster-add-ons.git);
- Choose your connection method -
-
As soon as the repository is connected, the new item will appear in the repository list:
-
Navigate to Argo CD -> Applications. Click the + NEW APP button:
-
Fill in the required fields and click CREATE button:
- Application Name - addons-demo;
- Project name - select the namespace where the project is going to be deployed;
- Sync policy -
Manual; - Repository URL - enter the URL of your forked repository;
- Revision -
HEAD; - Path -
chart; - Cluster URL - select
URLor cluster Name; - Namespace - enter the namespace which must be equal to the Project name field;
-
As soon as the repository is synchronized, the list of applications that can be installed by Add-Ons will be shown:
Install Add-Ons​
Now that Add-Ons are enabled in Argo CD, they can be installed by following the steps below:
-
Choose the Add-On to install.
-
On the chosen Add-On, click the â‹® button and then Details:
-
To install the Add-On, click the â‹® button -> Sync:
-
Once the Add-On is installed, the Sync OK message will appear in the Add-On status bar:
-
Open the application details by clicking on the little square with an arrow underneath the Add-On name:
-
Track application resources and status in the App details menu:
Argo CD provides excellent observability and monitoring capabilities for its resources, which is particularly beneficial when utilizing KubeRocketCI Add-Ons.
Available Add-Ons List​
The list of the available Add-Ons:
Consult repository README.md for the most up-to-date information.
| Name | Description | Default |
|---|---|---|
| Argo CD | A GitOps continuous delivery tool that helps automate the deployment, configuration, and lifecycle management of applications in Kubernetes clusters. | false |
| AWS EFS CSI Driver | A Container Storage Interface (CSI) driver that enables the dynamic provisioning of Amazon Elastic File System (EFS) volumes in Kubernetes clusters. | false |
| Cert Manager | A native Kubernetes certificate management controller that automates the issuance and renewal of TLS certificates. | false |
| Capsule | A multi-tenancy solution for Kubernetes clusters that provides each tenant with a dedicated namespace where they can freely run their workloads with resource quotas. | false |
| Capsule tenant | A specific tenant within the Capsule multi-tenancy solution. Each tenant has its own isolated environment within the Kubernetes cluster. | false |
| DefectDojo | A security vulnerability management tool that allows tracking and managing security findings in applications. | false |
| DependencyTrack | A Software Composition Analysis (SCA) platform that helps identify and manage open-source dependencies and their associated vulnerabilities. | false |
| KubeRocketCI(EDP) | An internal platform created by EPAM to enhance software delivery processes using DevOps principles and tools. | false |
| Extensions OIDC | KubeRocketCI Helm chart to provision OIDC clients for different Add-Ons using EDP Keycloak Operator. | false |
| External Secrets | A Kubernetes Operator that fetches secrets from external secret management systems and injects them as Kubernetes Secrets. | false |
| Fluent Bit | A lightweight and efficient log processor and forwarder that collects and routes logs from various sources in Kubernetes clusters. | false |
| Harbor | A cloud-native container image registry that provides support for vulnerability scanning, policy-based image replication, and more. | false |
| Ingress nginx | An Ingress controller that provides external access to services running within a Kubernetes cluster using Nginx as the underlying server. | false |
| Jaeger Operator | An operator for deploying and managing Jaeger, an end-to-end distributed tracing system, in Kubernetes clusters. | false |
| Keycloak | An open-source Identity and Access Management (IAM) solution that enables authentication, authorization, and user management in Kubernetes clusters. | false |
| Keycloak PostgreSQL | A PostgreSQL database operator that simplifies the deployment and management of PostgreSQL instances in Kubernetes clusters. | false |
| MinIO Operator | An operator that simplifies the deployment and management of MinIO, a high-performance object storage server compatible with Amazon S3, in Kubernetes clusters. | false |
| Nexus | Serves as a repository manager, enabling the proxying, aggregation, and management of dependencies, as well as the storage of artifacts. | false |
| Nexus Operator | A tool designed to streamline the handling of Nexus resources and configurations, facilitating the proxying, collection, and management of dependencies within a repository manager. | false |
| OpenSearch | A community-driven, open-source search and analytics engine that provides scalable and distributed search capabilities for Kubernetes clusters. | false |
| OpenTelemetry Operator | An operator for automating the deployment and management of OpenTelemetry, a set of observability tools for capturing, analyzing, and exporting telemetry data. | false |
| PostgreSQL Operator | An operator for running and managing PostgreSQL databases in Kubernetes clusters with high availability and scalability. | false |
| Report Portal | An powered test automation dashboard that allows you to analyze test results, identify issues, and track testing progress. | false |
| Prometheus Operator | An operator that simplifies the deployment and management of Prometheus, a monitoring and alerting toolkit, in Kubernetes clusters. | false |
| Redis Operator | An operator for managing Redis, an in-memory data structure store, in Kubernetes clusters, providing high availability and horizontal scalability. | false |
| Sonar | A comprehensive open-source platform dedicated to the continuous evaluation of code quality, automatically scrutinizing code to identify bugs, code smells, and security vulnerabilities. | false |
| Sonar Operator | An operator that simplifies the management and configuration of SonarQube. | false |
| StorageClass | A Kubernetes resource that provides a way to define different classes of storage with different performance characteristics for persistent volumes. | false |
| Tekton | A flexible and cloud-native framework for building, testing, and deploying applications using Kubernetes-native workflows. | false |
| Tekton-cache | false | |
| Vault | An open-source secrets management solution that provides secure storage, encryption, and access control for sensitive data in Kubernetes clusters. | false |